Use when diagnosing, repairing, or maintaining an OpenClaw Gateway on the same machine. Designed for rescue agents to fix a down gateway or check operational...
Security Analysis
high confidenceThe skill's requested actions and resource access are consistent with its stated purpose (rescue/health-check of a local OpenClaw Gateway); it is an instruction-only skill that needs local shell and config access but does not request unrelated credentials or install code.
Name/description match the runtime instructions: the skill explicitly targets diagnosis, repair, and maintenance of a local OpenClaw Gateway and asks only for shell access, Node.js/npm availability, and read/write access to ~/.openclaw/. Those requirements are appropriate for the stated tasks (logs, config edits, service restarts, dependency reinstall).
SKILL.md instructs the agent to read logs, configuration files, and env files containing tokens (with a non-enforceable instruction to never print them), run systemctl/launchctl, and perform safe-edit/backup workflows. These actions are within scope but do require the rescue agent to have access to secrets and the ability to modify system services — ensure the rescue agent itself is trusted. The guidance relies on the agent's discretion (e.g., not printing tokens), which is a behavioral constraint rather than an enforced technical control.
This is an instruction-only skill with no install spec or code files to be downloaded or executed during install. That minimizes supply-chain risk. README suggests installing SKILL.md from a GitHub repo, but the skill bundle in the registry contains only documentation; there is no automatic installer to evaluate.
The skill declares no required environment variables in the registry metadata, yet the instructions explicitly state the agent will access local env files containing tokens in ~/.openclaw/. Access to these local secrets is proportional to the task, but the registry metadata omission is a minor inconsistency. No unrelated external credentials or high-privilege cloud keys are requested.
The skill is not always-enabled and is user-invocable; it does not request persistent privileges or modify other skills' configs. It performs privileged local operations (service restarts, config edits) which are inherent to its purpose — install it only on a dedicated rescue agent, not on the primary gateway.
Guidance
This skill is coherent for its stated use: maintaining a local OpenClaw Gateway. Before installing, ensure you: (1) install it only on a separate, trusted rescue agent (the README repeats this warning), not on the primary gateway; (2) verify the rescue agent's access controls because the skill requires read/write access to ~/.openclaw/ and access to env files containing tokens; (3) review and keep copies of the SKILL.md so you understand what commands the agent will run, and require explicit user confirmation for destructive actions; (4) prefer running the rescue agent under a least-privilege account or inside a restricted container/VM to limit blast radius; (5) if you need stronger assurances, ask for an explicit list of local env filenames the skill will read and for any automated export/transmit steps (none are present in the current SKILL.md). If the package later includes code files or an install script that downloads archives or runs external binaries, re-evaluate before installing.
Latest Release
v1.2.1
Declare requirements and security notes: shell access, config access, credentials handling, backup-before-modify policy
More by @dinstein
Published by @dinstein on ClawHub
