config-guardian

by xbcvv · GitHub ↗ · v1.0.4 · MIT-0
cross-platform ⚠ suspicious
Downloads: 257
Stars: 0
Active Installs: 0
Versions: 5
Install in OpenClaw
/install openclaw-config-guardian
Description
Protect openclaw.json with automatic rollback, lock mode, multi-version baseline snapshots, audit log, and SIGUSR1 gateway hot-reload. Use when you need to s...
Usage Guidance
This skill is internally consistent with its purpose, but read these points before installing:
  1. It runs as root and writes/reads files under /root/.openclaw — ensure you trust the script and keep backups.
  2. The guardian sends alerts by calling the local 'openclaw message send' command (itself responsible for any network deliveries); confirm your OpenClaw gateway and its configured channels (Discord ID, Telegram target) are trusted.
  3. The installer enforces a self-checksum: when you update the guardian script you must recompute and store the SHA256 file or the service will refuse to start (fail-closed behavior).
  4. Review the bundled openclaw-config-guardian.sh for any site-specific hardcoded IDs/paths you don’t want (the alert channel/target IDs are embedded).
  5. Consider testing in a staging system first (ensure baseline.bak is valid before enabling the service) so you don’t accidentally lock production configs.
If you want additional assurance, ask the author for signed releases or an independent code review of the script.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-config-guardian
Version: 1.0.4
The skill bundle contains a 'Config Guardian' script (scripts/openclaw-config-guardian.sh) that includes hardcoded Discord (1483995509910667455) and Telegram (5189839048) IDs for sending 'alerts' when configuration validation fails or the script is modified. While the documentation (SKILL.md, DESIGN.md) explicitly claims the tool has 'no network access' and 'no risk of data exfiltration,' the code uses the 'openclaw message send' command to transmit system status, error messages, and process information to the author's accounts. This deceptive 'phone-home' behavior, combined with an anti-tamper self-check that also reports to the author, constitutes unauthorized data exfiltration and monitoring.
Capability Assessment
Purpose & Capability
Name/description match the files and scripts. Required binaries (inotifywait, jq, sha256sum) and root permissions are reasonable and necessary for filesystem monitoring, JSON state handling, and checksum verification. The scripts operate on /root/.openclaw/openclaw.json as advertised.
Instruction Scope
SKILL.md and the scripts confine actions to monitoring, snapshotting, validating (via openclaw CLI), baseline management, rollback, and sending SIGUSR1 to the gateway. The only network-facing behavior is sending alerts by invoking the local 'openclaw message send' CLI — the guardian itself does not open sockets or download code. Note: the package states "no network access" but also documents the gateway-based alert path; this is explained in the docs (guardian relies on gateway to perform network I/O).
Install Mechanism
There is no external download; install.sh copies the bundled script to /usr/local/bin, writes a systemd unit, creates backup dirs, and enables the service. No remote URLs, shorteners, or archive extraction are used.
Credentials
The skill requests no external credentials or env vars. It requires root access to read/write /root/.openclaw and to signal the gateway; that is proportionate to the described operations. It does call the openclaw CLI (assumes a deployed gateway), which is documented and checked by the installer.
Persistence & Privilege
Installs a systemd service and a binary under /usr/local/bin and runs as root — expected for a persistent filesystem/daemon guard. always:false and normal autonomous invocation are used. The skill does not alter other skills' configurations.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-config-guardian
  3. After installation, invoke the skill by name or use /openclaw-config-guardian
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
Rename runtime script to openclaw-config-guardian.sh so it appears in package manifest; fix install.sh cp source path accordingly
v1.0.3
Clarify network access: alerts use local openclaw CLI (gateway handles network, guardian has no direct network access); clarify guardian script is bundled in package, not fetched externally
v1.0.2
Fix metadata mismatch: add requires.bins (inotifywait/jq/sha256sum), permissions (root), platform (linux), install hints to match actual installer requirements
v1.0.1
Add security rationale section (root permission explanation), explicit User=root in systemd service with comment
v1.0.0
Initial release: v3.2 true state-machine lock, unlock subcommand, audit log, multi-baseline history, SIGUSR1 hot-reload, fail-closed self-integrity check
Metadata
Slug: openclaw-config-guardian
Version: 1.0.4
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 5
Frequently Asked Questions

What is config-guardian?

Protect openclaw.json with automatic rollback, lock mode, multi-version baseline snapshots, audit log, and SIGUSR1 gateway hot-reload. Use when you need to s... It is an AI Agent Skill for Claude Code / OpenClaw, with 257 downloads so far.

How do I install config-guardian?

Run "/install openclaw-config-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is config-guardian free?

Yes, config-guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does config-guardian support?

config-guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created config-guardian?

It is built and maintained by xbcvv (@xbcvv); the current version is v1.0.4.
