← Back to Skills Marketplace
590
Downloads
0
Stars
2
Active Installs
3
Versions
Install in OpenClaw
/install rescueclaw
Description
Provides automatic checkpoint creation and rollback to safely recover from failures during risky operations like config changes or updates.
Usage Guidance
This skill appears to do what it claims (create/clear checkpoint files and invoke a user-local daemon), but before installing: 1) Review the upstream GitHub repository and the exact release asset (verify that the release author is trusted). 2) Prefer installs with checksums/signatures — the installer does not verify them. 3) Inspect the downloaded binary (or run it in an isolated environment) before trusting it, since the installer extracts a tarball from Releases. 4) Note that example code uses systemctl (requires privileges) and uses '~' in paths (Node won't expand it automatically) — fix these when you adapt the examples. 5) Ensure ~/.local/bin is in your PATH and that you are comfortable with a user-local daemon being available for the agent to call. If you need higher assurance, request a signed release or build the daemon from source yourself.
Capability Analysis
Type: OpenClaw Skill
Name: rescueclaw
Version: 0.2.1
The skill is classified as suspicious due to its use of `execSync` in `install.js` to download and execute an external binary from GitHub, and in `rescueclaw-checkpoint.js` to interact with the installed daemon. While these actions are part of the skill's stated purpose (installing a checkpointing daemon), downloading and executing external code via shell commands (`curl`, `tar`) is a high-risk operation and a potential supply chain vulnerability. Additionally, the `SKILL.md` demonstrates the agent's ability to execute arbitrary shell commands via `exec`, which, if not properly sandboxed, presents a significant prompt injection vulnerability for the agent itself, even though the skill does not maliciously exploit it.
Capability Assessment
Purpose & Capability
The skill's name/description (checkpoint + rollback for risky operations) matches the provided code and runtime instructions: rescueclaw-checkpoint.js creates/clears a checkpoint file and queries a user-local daemon; install.js installs a user-local daemon binary. No unrelated credentials, services, or capabilities are requested.
Instruction Scope
SKILL.md and the API expose exactly the checkpoint operations. However, example usage includes privileged operations (e.g., restarting a system service via systemctl) and uses a literal '~' in fs.writeFileSync (Node.js does not expand ~ automatically), which is a bug/ambiguous guidance. The docs instruct agents to call the daemon CLI (rescueclaw status) and to write checkpoint files under ~/.openclaw/rescueclaw — both are within the skill's stated scope, but the example's systemctl usage requires elevated privileges and is not something the skill can safely perform on behalf of a user without explicit consent.
Install Mechanism
Installation downloads a tar.gz from a GitHub Releases URL (well-known host) and extracts it into ~/.local/bin; this is a common pattern. Concerns: the installer doesn't verify checksums or signatures, extracts archives directly (tar extraction can be abused if upstream is compromised), and uses curl/tar via execSync (the script itself invokes shell commands). The install targets user-local paths (no sudo required), which limits system-wide impact.
Credentials
The skill requests no environment variables, no credentials, and stores data under the user's home directory (~/.openclaw/rescueclaw). The code does call external binary 'rescueclaw' when present, which matches the skill's role. There are no extraneous secrets or unrelated env access.
Persistence & Privilege
The skill does create persistent artifacts: it installs a daemon binary to ~/.local/bin/rescueclaw and stores checkpoint data under ~/.openclaw/rescueclaw/. always is false (not force-included). The agent is allowed to invoke the skill autonomously by default (normal for skills); this combined with a long-lived daemon means the binary could be executed by the agent later — review the binary from upstream before trusting it.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install rescueclaw - After installation, invoke the skill by name or use
/rescueclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.1
Downloads platform-specific binary from GitHub Releases (no curl|bash). User-local paths (~/.openclaw/rescueclaw). Supports linux/arm64, linux/amd64, macos/arm64, macos/amd64.
v0.2.0
Fix security flags
v0.1.0
Initial release — checkpoint/rollback safety net for risky agent operations
Metadata
Frequently Asked Questions
What is RescueClaw?
Provides automatic checkpoint creation and rollback to safely recover from failures during risky operations like config changes or updates. It is an AI Agent Skill for Claude Code / OpenClaw, with 590 downloads so far.
How do I install RescueClaw?
Run "/install rescueclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is RescueClaw free?
Yes, RescueClaw is completely free (open-source). You can download, install and use it at no cost.
Which platforms does RescueClaw support?
RescueClaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created RescueClaw?
It is built and maintained by harman314 (@harman314); the current version is v0.2.1.
More Skills