ClawHub

Config Guardian

v1.0.1

Safe OpenClaw config updates with automatic backup, validation, and rollback. For agent use - prevents invalid config updates.

4· 4.7k·39 current·41 all-time
by@abdhilabs
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, and included scripts consistently implement atomic config changes, backups, validation (openclaw doctor), and rollback. The .clawhub/origin.json declaring required binaries (openclaw, python3) matches the scripts' runtime calls.
Instruction Scope
Runtime instructions tell the agent only to run the included scripts which read/write ~/.openclaw/openclaw.json and run openclaw doctor. This stays within the stated purpose. Note: simple text searches (grep) in validate_config.sh may yield false positives for blocked keys and the inline python validation assumes a particular JSON shape—these are implementation caveats rather than malicious behavior.
Install Mechanism
No install spec or remote downloads are present; the skill is instruction+script-only and does not pull external code during install.
Credentials
The skill requests no environment variables or credentials. It only requires the openclaw and python3 binaries which are necessary for its stated functionality.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide agent settings. It only reads/writes the user's OpenClaw config and keeps backups under ~/.openclaw/config-guardian-backups.
Assessment
This skill appears to do what it says: create backups, apply a config change via the local openclaw CLI, run openclaw doctor, and restore on failure. Before installing/use: (1) verify you trust the local openclaw binary (the scripts call it and rely on its behavior); (2) inspect the scripts yourself (they operate on ~/.openclaw/openclaw.json and create backups there); (3) test in a safe environment or with a copy of your config to confirm validation behavior and that blocked-key detection meets your expectations (grep may match substrings); (4) confirm openclaw doctor is available and behaves as expected (it’s the validation gate); (5) if you need stricter checks, consider hardening validate_config.sh (e.g., stricter JSON key checks). Overall the skill is internally coherent and does not request excessive privileges or external installs.

Like a lobster shell, security has layers — review code before you run it.

agent-toolvk972nje84fvgft45qnjvjb38tx81hqvrbackupvk972nje84fvgft45qnjvjb38tx81hqvrconfigvk972nje84fvgft45qnjvjb38tx81hqvrlatestvk972nje84fvgft45qnjvjb38tx81hqvrsafetyvk972nje84fvgft45qnjvjb38tx81hqvrvalidationvk972nje84fvgft45qnjvjb38tx81hqvr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments