← Back to Skills Marketplace

Restart Guard

Name: Restart Guard
Author: zjianru

by zjianru · GitHub ↗ · v2.2.0

cross-platform ⚠ suspicious

2197

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install restart-guard

Description

Deterministic OpenClaw gateway restart with down/up state-machine verification, origin-session proactive ACK, and backward-compatible config.

Usage Guidance

This skill will automatically perform gateway restarts and then try to proactively notify the originating session and external channels. Before installing or enabling it: - Be aware it is designed to auto-run on simple natural-language triggers (e.g. "restart now") and may restart a gateway without extra confirmation. Consider requiring explicit human confirmation in your deployment if you don't want one-shot voice/text triggers to restart production. - Review and limit the GATEWAY_AUTH_TOKEN and any notification tokens (Telegram/Discord/Slack/webhook) it will use. The code will also read ~/.openclaw/.env to resolve tokens — inspect that file for other secrets before allowing the skill access. - Audit the included scripts (restart.py, guardian.py, notify.py, write_context.py) in your environment and test in a staging system first. Pay attention to the notification webhook URLs and content templates to avoid accidental secret leakage. - If you want stricter safety, modify the workflow to require an explicit confirmation step before executing the auto_restart flow, or limit agent permissions so automatic invocation cannot be triggered by casual chat.

Capability Analysis

Type: OpenClaw Skill Name: restart-guard Version: 2.2.0 The OpenClaw AgentSkills skill bundle is classified as 'suspicious' due to its inherent high-risk capabilities, such as restarting the OpenClaw gateway, performing system-level operations (e.g., `lsof`, `kill`), and sending notifications to external services (Telegram, Discord, Slack, generic webhooks). While these actions are aligned with the skill's stated purpose of deterministic gateway restart and reporting, they represent significant control over the system and external communication channels. The code demonstrates strong security awareness, with explicit fixes for past vulnerabilities (webhook template injection, host/port validation, shell metacharacter rejection in commands) detailed in `CHANGELOG.md` and verified by `tests/test_security_fixes.py`. Sensitive data is redacted from logs and diagnostics. No evidence of intentional malicious behavior (e.g., credential theft, unauthorized exfiltration to unknown endpoints, persistence mechanisms) was found. The `README.md` explicitly notes that the skill may be marked 'suspicious' due to its capabilities, not malicious intent, which aligns with this classification.

Capability Assessment

ℹ Purpose & Capability

Name/description (deterministic gateway restart + notifications) aligns with the included scripts and config. Required binaries (python3, curl) and GATEWAY_AUTH_TOKEN are consistent with the HTTP/CLI notification paths and restart operations. The skill also includes multi-channel notification support (telegram/discord/slack/webhook/openclaw passthrough), which is expected for its stated delivery guarantees.

⚠ Instruction Scope

SKILL.md and the implementation explicitly require the agent to auto-run the full restart flow on simple natural-language triggers (e.g. "restart now") and to infer the origin session automatically. That gives the agent discretion to perform a destructive, high-impact operation without additional interactive confirmation. The code reads local files (openclaw.json, ~/.openclaw/.env) and writes local diagnostics/context files; while these are relevant to restart/notification, automatic inference and the directive "do not expose internal scripts/steps unless user explicitly asks" reduce transparency and increase risk of unintended restarts or hidden actions.

✓ Install Mechanism

This is an instruction-only skill with bundled Python scripts (no external install/download step). There is no remote URL or archive extract in the install spec — code is present in the skill bundle and runs locally. No high-risk install mechanism detected.

⚠ Credentials

The skill declares a single required env var (GATEWAY_AUTH_TOKEN) which is reasonable for using the gateway HTTP tool. However, notify logic will read other notification secrets (TELEGRAM_BOT_TOKEN, DISCORD_WEBHOOK_URL, SLACK_WEBHOOK_URL, RESTART_GUARD_WEBHOOK_URL, etc.) from environment or from a user dotfile (~/.openclaw/.env). The code will open and parse that dotfile to resolve keys, which can expose unrelated secrets stored there. The number/variety of optional env keys is proportional to multi-channel notifications but the implicit dotenv access and passthrough to external webhooks warrant caution.

ℹ Persistence & Privilege

always is false and the skill does not request permanent platform-wide inclusion. It spawns a detached guardian process to persist across a gateway restart (intended behavior) and the guardian exits after completion. Autonomous invocation is enabled (platform default); combined with the explicit 'must auto-run' trigger policy in SKILL.md this increases the operational blast radius, but the skill itself does not set always:true or modify other skills' configs.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install restart-guard
After installation, invoke the skill by name or use /restart-guard
Provide required inputs per the skill's parameter spec and get structured output

Version History

v2.2.0

Security fixes and work directory rename

v2.1.2

- Add "metadata" section to declare required binaries (`python3`, `curl`) and environment variables for integration with external channels. - Increment version to 2.1.2. - No functional or workflow changes; documentation update only.

v2.1.1

restart-guard 2.1.1 - Enforced strict non-shell execution mode for verify/diagnostics commands; commands with shell metacharacters (e.g., pipes) will now be rejected. - Documentation updates in SKILL.md clarifying command execution policy and notes. - Added new test file: tests/test_restart_runtime_helpers.py. - Various test and script file enhancements and maintenance.

v2.1.0

Release v2.1.0: enhanced restart state machine, origin-session proactive ACK, disaster fallback delivery, zero-config auto flow, bilingual docs.

v1.1.0

Version 1.1.0 (restart-guard) - Added notification script (notify.py) to support multi-channel failure/health alerts. - Guardian now broadcasts notifications to all configured channels (Telegram, Discord, Slack, webhook), not just one fallback. - Updated config.example.yaml to reflect new notification options. - Documentation and usage flow updated in SKILL.md. - Removed old README.md, consolidating information to SKILL.md.

v1.0.1

Improved SKILL.md (concise), README.md (comprehensive with flow diagram), generic config paths

v1.0.0

test

Metadata

Slug restart-guard

Version 2.2.0

License —

All-time Installs 10

Active Installs 9

Total Versions 7

Frequently Asked Questions

What is Restart Guard?

Deterministic OpenClaw gateway restart with down/up state-machine verification, origin-session proactive ACK, and backward-compatible config. It is an AI Agent Skill for Claude Code / OpenClaw, with 2197 downloads so far.

How do I install Restart Guard?

Run "/install restart-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Restart Guard free?

Yes, Restart Guard is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Restart Guard support?

Restart Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Restart Guard?

It is built and maintained by zjianru (@zjianru); the current version is v2.2.0.

More Skills