Safe Update/Merge
Warn
Audited by ClawScan on May 10, 2026.
Overview
This high-impact merge helper is mostly transparent, but its secret-redaction code can fail to remove private-key material before sending conflict files to Claude.
Only run this if you are comfortable with repository mutation, builds, and a gateway restart. Prefer --dry-run first, keep a clean worktree, verify remotes, and avoid --promote until you have tested the safe-merge branch. Until the redactor handles multiline secrets correctly, use --no-auto-resolve or ensure the repo contains no secrets before sending conflict files to Claude.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A conflicted file containing a PEM private key could disclose key material to the external Claude API despite the skill's promise of redaction.
The conflict-resolution flow uses this script before model upload, but the private-key pattern only matches the PEM BEGIN line. The multiline key body and END line can remain in the content sent to Claude.
# Detect and redact secrets from file content before sending to model ... '-----BEGIN (RSA |EC |OPENSSH |)PRIVATE KEY-----'
Use --no-auto-resolve or remove secrets from the repo until multiline private-key redaction is fixed; inspect redacted content before invoking Claude.
Running it can change your repository, briefly disrupt the gateway, and overwrite the target branch if you use promotion.
The skill clearly discloses powerful local and remote operations: building in place, restarting the live gateway, and force-pushing during promotion.
`npm run build` / `pnpm run build` ... `systemctl --user restart openclaw-gateway` ... `git push --force` to `TARGET_REMOTE/TARGET_BRANCH`
Run --dry-run first, use a clean worktree, verify remotes and branches, and only run --promote after confirming the safe-merge branch works.
Your Claude account/key may be used to process merge-conflict file contents.
The skill may use existing Claude CLI credentials for conflict resolution, which is expected for the optional Claude workflow but still grants external API access.
ANTHROPIC_API_KEY ... Required by the claude CLI for conflict resolution. May already be set in your shell environment or claude config (~/.claude/).
Use a scoped/dedicated API key where possible and disable auto-resolve if you do not want file contents sent to Claude.
If these reference files are merged into a gateway, users can interact with background or isolated agent sessions, which may affect ongoing agent work.
The bundled reference UI for background sessions can send user messages into an existing selected session if that reference feature is preserved/applied.
await client.request("chat.send", { sessionKey, message, idempotencyKey: `bg-${Date.now()}-${Math.random().toString(36).slice(2)}` })
Only preserve/apply the background-sessions feature if you intend to expose transcript viewing and message-sending controls, and ensure gateway access is restricted.
You have less provenance information for code that can mutate a repo and restart a service.
The registry metadata does not provide an upstream source or homepage, while the package includes runnable merge scripts.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included scripts from the installed skill before running them, especially scripts/safe-merge-update.sh and scripts/redact-secrets.sh.
