OpenClaw Guardian by MyClaw.ai
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a coherent watchdog, but it runs continuously and can automatically repair, restart, commit, and hard-reset your OpenClaw workspace without asking each time.
Review this before installing as an unattended service. It is not shown exfiltrating data, but it can automatically modify and roll back your OpenClaw workspace and restart Gateway processes. Use a dedicated git-backed workspace, back it up, test in a safe environment, configure the workspace path carefully, and protect or omit the Discord webhook.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A false health-check failure or bad rollback target could change the Gateway environment, restart processes, or discard uncommitted workspace changes.
The watchdog automatically runs repair commands, hard-resets the workspace, and kills/restarts the gateway when health checks fail; these are powerful mutations done without per-action user approval.
$OPENCLAW_CMD doctor --fix >> "$LOG_FILE" 2>&1 ... git -C "$WORKSPACE" reset --hard "$STABLE_COMMIT" ... pkill -f "openclaw-gateway"
Use only on a dedicated, backed-up OpenClaw workspace; verify the stable commit logic, set GUARDIAN_WORKSPACE explicitly, and consider adding manual approval or dry-run safeguards before rollback.
Once installed, the watchdog may continue taking recovery actions after the original task is complete or after restarts.
The documentation instructs users to run the Guardian as a background process and optionally start it automatically on container restart.
nohup ~/.openclaw/guardian.sh >> /tmp/openclaw-guardian.log 2>&1 & ... Add to `~/.openclaw/start-gateway.sh` ... nohup /home/ubuntu/.openclaw/guardian.sh >> /tmp/openclaw-guardian.log 2>&1 &
Install autostart only if you want unattended operation, document how to stop it, and periodically check that only the intended guardian process is running.
Unintended files could be committed into the local repo, and rollback could propagate an older or incorrect state across the Gateway workspace.
The daily backup and rollback operate over the configured workspace as a whole, so one mistaken trigger or bad commit selection can affect many workspace files.
cd "$WORKSPACE" && git add -A && git commit -m "daily-backup: auto snapshot $today" ... git -C "$WORKSPACE" reset --hard "$STABLE_COMMIT"
Review .gitignore, keep the workspace narrowly scoped, make external backups before enabling rollback, and test recovery behavior in a non-production environment first.
Anyone with the webhook URL may be able to post to that Discord channel, and Guardian status messages will leave the local machine when configured.
The optional Discord webhook URL is a posting credential used to send status alerts externally; this is purpose-aligned and disclosed, but the URL should be protected.
DISCORD_WEBHOOK="${DISCORD_WEBHOOK_URL:-}" ... curl -s -X POST "$DISCORD_WEBHOOK"
Use a dedicated Discord webhook, store it as a secret, rotate it if exposed, and leave DISCORD_WEBHOOK_URL unset if you do not want external alerts.
