WatchClaw
Review
Audited by ClawScan on May 10, 2026.
Overview
WatchClaw’s watchdog behavior is mostly disclosed, but its installer pulls unreviewed, unpinned executables from GitHub while the tool can automatically change OpenClaw config and restart services.
Review and pin the downloaded code before installing, avoid blind curl-to-bash installation, and run WatchClaw only against a dedicated OpenClaw config git repo that you have backed up. Confirm alert destinations and remember that the daemon will keep monitoring, stashing/reverting config, and restarting services until stopped.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The installed program could differ from what was reviewed, and later changes to the remote main branch could alter behavior before installation.
The installer downloads the core executable files from a mutable GitHub branch at install time. Those executable files are not included in the reviewed manifest, so the code that performs the high-impact watchdog actions is not reviewable here.
BRANCH="main" ... FILES=(watchclaw watchclaw.sh) ... curl -fsSL "$BASE/$f" -o "$INSTALL_DIR/$f" ... chmod +x "$INSTALL_DIR/$f"
Install only from a pinned release or commit, review the downloaded watchclaw/watchclaw.sh files before use, and prefer a package that includes checksums or the full source in the submitted artifact.
If pointed at the wrong repo or if health checks misfire, it may stash or revert configuration changes and restart the gateway without asking again.
The skill is designed to run git stash/revert and restart recovery flows automatically when it judges a config change to be bad.
Auto-recovery — stashes uncommitted changes (U1) or reverts bad commits (U2) via git
Use a dedicated OpenClaw config git repo, keep backups and commits clean, verify the configured path, and test recovery behavior before running it as a daemon.
It will keep taking recovery actions until stopped, which can surprise users who expect only a one-time check.
The watchdog is explicitly meant to run in the background and continue monitoring after it is started.
# Start watching (background daemon)
watchclaw --config /path/to/watchclaw.conf start
Start it only when you want continuous monitoring, document who owns the daemon, and use the documented stop/status/log commands to manage it.
Operational details about your gateway could be sent to third-party chat or webhook services if configured.
The alert feature can send watchdog status messages to external webhook destinations chosen in configuration.
webhook — Slack, Discord, Telegram, etc.
Posts `{"text": "..."}` to any URL.
Use only trusted webhook URLs, treat webhook URLs as secrets, and avoid putting sensitive data in alert messages or custom alert commands.
