ClawHub

Gateway Auto-Rollback

v1.1.0

Automatic configuration rollback mechanism for OpenClaw Gateway. Provides three-layer protection: pre-modification backup, post-modification validation, and...

0· 380·3 current·3 all-time
by@halfmoon82
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (auto rollback for OpenClaw Gateway) aligns with included Python script and test script. The code operates on ~/.openclaw config files, creates backups, validates JSON, checks local Gateway health, and performs rollbacks — all coherent with the declared purpose.
Instruction Scope
SKILL.md instructions map directly to the script behavior: one-shot run, watch mode, manual rollback, cron examples, and test steps. The instructions only reference local files (~/.openclaw), the local Gateway health endpoint (127.0.0.1:18789), and local logging — they do not instruct the agent to read unrelated system files or to transmit data externally.
Install Mechanism
There is no install spec (instruction-only with included script files). This is low risk: no downloads or archives are fetched at install time. The skill does include runnable code, so users should still inspect/execute it in their environment before trusting it.
Credentials
The skill declares no required env vars and the code does not read secrets. One operational caveat: check_gateway_health() calls the external 'curl' binary; the registry metadata lists no required binaries, so the script will silently fail health checks if curl is absent. No credentials or unrelated environment access are requested.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not modify other skills or global agent settings; it writes to ~/.openclaw (its own config area) which is consistent with its function.
Assessment
This skill appears to do what it says: local backups, JSON validation, health probes and rollback for OpenClaw config files. Before installing or running it: 1) review the Python script yourself (it's included) and run tests in a safe environment; 2) be aware it will create/modify files under ~/.openclaw (backup and log files) and will copy backups back into place on rollback; 3) ensure the local Gateway health endpoint (http://127.0.0.1:18789/api/health) is what you expect and that the system has 'curl' available (the script expects it but the metadata declares no required binaries); 4) run the bundled tests (test-rollback-mechanism.sh) manually to confirm behavior before enabling any daemon/watch mode; 5) if you do not trust the anonymous source, avoid running the watch/daemon mode or run it in a constrained/testing environment. If you see any unexpected network calls or references to remote endpoints in future versions, treat that as a red flag.

Like a lobster shell, security has layers — review code before you run it.

latestvk973b0sy4ca1xg1d7j4wanjrxn821dab

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments