← Back to Skills Marketplace
allthebadthings

Gateway Safety

by allthebadthings · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
289
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install gateway-safety
Description
Safely update OpenClaw gateway configuration (openclaw.json) with automatic validation, backup, and 30-second health-check rollback. Use this skill whenever...
README (SKILL.md)

Gateway Safety

This skill ensures that any modifications to the OpenClaw gateway configuration are done safely. It prevents "death loops" and permanent session loss by verifying the gateway can successfully reboot before committing to a new config.

Core Rules

  1. Mandatory Script Use: Never edit ~/.openclaw/openclaw.json directly. Always use the provided safe-gateway-update.sh script.
  2. Anti-Loop Policy: If the script fails 3 times consecutively, it will create a GATEWAY_LOCKOUT file. If this file exists, STOP ALL OPERATIONS and wait for Kevin. Do not attempt to bypass the lockout.
  3. Backup Awareness: The script maintains its own backups, but for critical changes, manually verify ~/.openclaw/openclaw.json.known-good is up to date.

Usage

To update the gateway configuration:

  1. Prepare the new configuration JSON file (e.g., at /tmp/new_config.json).
  2. Execute the safety script: 
    [SKILL_PATH]/scripts/safe-gateway-update.sh /tmp/new_config.json [timeout_seconds]
  3. The script will:
    • Validate the JSON syntax.
    • Backup the current config.
    • Apply the new config and restart the gateway.
    • Poll for a successful "RPC probe: ok" status.
    • Roll back to the previous config if the health check fails or times out.

Authorship

Created by Kevin Smith & Rook (Orbit Smith), March 2026.

Usage Guidance
This skill appears to implement the stated safe-update behavior, but before installing or invoking it: 1) Verify jq and the openclaw CLI exist on target hosts and are the expected tools (the metadata does not declare these binaries). 2) Inspect and confirm the script's file paths ($HOME/.openclaw, $HOME/.rook) and ensure you accept logs/backups being written there. 3) Understand the lockout behavior: after 3 failures the script creates a GATEWAY_LOCKOUT file and instructs agents to stop and 'wait for Kevin' — confirm who is the intended approver and update messaging/policy if needed. 4) Consider testing the script in a safe environment (non-production gateway) to see how restart/status behave and to confirm rollback works. 5) Recommend updating the skill metadata to list required binaries (jq, openclaw) and/or hardening the script (check that CONFIG_PATH exists before copying, validate permissions, and avoid reliance on a single named human in automated messaging).
Capability Analysis
Type: OpenClaw Skill Name: gateway-safety Version: 1.0.0 The skill bundle provides a utility for safely updating the OpenClaw gateway configuration file (~/.openclaw/openclaw.json). The included script (safe-gateway-update.sh) implements standard safety procedures including JSON validation via jq, automatic backups, health-check polling, and a rollback mechanism if the gateway fails to restart. It also includes a failure counter and a lockout file mechanism to prevent automated agents from entering a 'death loop' of failed configuration attempts.
Capability Assessment
Purpose & Capability
The skill claims to safely update the gateway config and the provided script implements that. However, the metadata declares no required binaries while the script calls external commands (jq for JSON validation and openclaw for restart/status). The missing declared dependencies is an incoherence: the skill will fail or behave unpredictably if those binaries are absent or not the expected implementations.
Instruction Scope
SKILL.md restricts actions to using the included script and describes the backup/validate/restart/rollback flow. The scope is limited to gateway config files in $HOME/.openclaw and agent-facing behavior. Note: the script assumes an existing config at $HOME/.openclaw/openclaw.json (no pre-check before backing up) and writes logs to $HOME/.rook/logs and a lockout file that instructs agents to 'STOP ALL OPERATIONS' and wait for a named person ('Kevin'), which may be operationally awkward.
Install Mechanism
This is an instruction-only skill with an included shell script and no install spec — low install risk. Nothing is downloaded or installed by the skill bundle itself.
Credentials
The skill declares no required environment variables or credentials, which is fine, but the script uses $HOME paths and external binaries without declaring them. The implicit dependency on jq and the openclaw CLI should be declared; otherwise the agent may run this when the environment is not appropriate.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges; always:false. It writes backups, a known-good file, failure count, logs, and potentially a GATEWAY_LOCKOUT file in the user's home directory — expected for its purpose but worth noting because those files control agent retry behavior and include a hardcoded human contact instruction.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gateway-safety
  3. After installation, invoke the skill by name or use /gateway-safety
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release - prevents death loops and session loss when modifying OpenClaw gateway configs.
Metadata
Slug gateway-safety
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Gateway Safety?

Safely update OpenClaw gateway configuration (openclaw.json) with automatic validation, backup, and 30-second health-check rollback. Use this skill whenever... It is an AI Agent Skill for Claude Code / OpenClaw, with 289 downloads so far.

How do I install Gateway Safety?

Run "/install gateway-safety" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Gateway Safety free?

Yes, Gateway Safety is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Gateway Safety support?

Gateway Safety is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Gateway Safety?

It is built and maintained by allthebadthings (@allthebadthings); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments