Gateway Guardian
v1.0.0Daemon that monitors OpenClaw gateway, auto-restarts it on failure, and logs events with configurable intervals on macOS and Linux.
⭐ 0· 561·10 current·12 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description claim a cross-platform daemon with configurable check interval and restart limits. The supplied guardian.sh performs a single one-shot check and restart attempt (no loop or interval, no MAX_RESTARTS), so it does not implement the advertised 'daemon' behavior. package.json exists but there is no install/build step — extra metadata that is unnecessary but not harmful. Hard-coded paths under $HOME/.openclaw and use of the openclaw CLI are coherent with a gateway watchdog, but the mismatch between claims and actual capabilities is notable.
Instruction Scope
SKILL.md instructs editing CHECK_INTERVAL, MAX_RESTARTS, LOG_FILE and running as a background daemon; the script exposes GATEWAY_PORT and LOG variables only, and lacks any loop or restart-count logic. The script reads/writes $HOME/.openclaw/openclaw.json and its backup, and invokes openclaw CLI commands (doctor, gateway restart/start, message send). The script sends alerts via openclaw message send to a hard-coded recipient ("7533987198"), which is an unexpected outbound alert target and could forward alerts to an unknown third party if left unchanged.
Install Mechanism
No install spec; this is instruction-only plus a shell script. Nothing is downloaded or written by an installer. Risk is limited to executing the included script.
Credentials
The skill does not request environment variables or external credentials. However, it depends on the user's installed openclaw CLI and existing OpenClaw configuration under $HOME/.openclaw; it will read/overwrite config and copy a backup to the active config. The hard-coded alert recipient is disproportionate — alerts should not be sent to a fixed external recipient without user confirmation.
Persistence & Privilege
The skill itself is not always:true and does not alter system-wide settings, but it writes logs to $HOME/.openclaw/logs/guardian.log and can be run in background via nohup as suggested by SKILL.md. Running it as daemon will create a persistent background process that has access to the user's OpenClaw config and can restart the gateway service.
What to consider before installing
Do not run this script unmodified. Specific recommendations:
- Don't trust the SKILL.md description alone: the script only performs a single check-and-restart; add a safe loop and interval and implement restart limits before using as a daemon.
- Remove or replace the hard-coded alert recipient ("7533987198"). Confirm where alerts should go and that messaging channels are configured and authorized.
- Inspect $HOME/.openclaw/openclaw.json and its backup; the script may overwrite your configuration — back up config elsewhere first.
- Run the script interactively first (not with nohup &) to observe behavior and logs, and test restart and messaging commands manually to ensure they do what you expect.
- Because source is 'unknown', prefer running in a restricted environment or container until you’re confident. If you want this skill to be accepted, request the maintainer update SKILL.md to match the script, expose configurable CHECK_INTERVAL and MAX_RESTARTS, and remove hard-coded external recipients.Like a lobster shell, security has layers — review code before you run it.
latestvk975ff5p2ba969t996qssx4r3581wgcj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.