← 返回 Skills 市场
Config Modification Safety
作者
alexduming
· GitHub ↗
· v1.0.0
· MIT-0
64
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install config-modification-safety
功能描述
OpenClaw 配置安全守护。防止 AI 改坏配置文件的双层守护架构,支持 macOS 和 Windows。 触发场景:AI 修改配置文件后系统崩溃、JSON 语法错误导致 Gateway 无法启动、想给 OpenClaw 配置安全网。 核心功能: - 第一层(铜墙):配置文件变更时自动校验 JSON,语法错误...
使用说明 (SKILL.md)
config-modification-safety
OpenClaw 配置安全守护 — 给 AI 的配置修改加上双层保险。
🔐 这个 Skill 解决什么问题
AI 修改配置时可能犯错导致整个系统崩溃,而且 AI 自己无法修复(因为 Gateway 起不来了)。双层守护架构确保:
- JSON 语法错误 → \x3C 1 秒自动回滚
- Gateway 崩溃 → 5~15 分钟自动恢复
- 完全自动,不需要人工介入
🚀 快速安装
macOS(苹果电脑)
bash ~/.openclaw/skills/config-modification-safety/scripts/install.sh
使用 macOS 原生 launchd WatchPaths,不需要安装任何额外依赖
Windows(Windows 10/11)
- 找到
~/.openclaw/skills/config-modification-safety/windows/目录 - 右键点击
install.bat→ 以管理员身份运行
使用 PowerShell FileSystemWatcher + Task Scheduler
📊 架构原理
| 层级 | macOS | Windows | 响应时间 | 防什么 |
|---|---|---|---|---|
| 铜墙(第一层) | launchd WatchPaths | FileSystemWatcher | \x3C 1 秒 | JSON 语法写错 |
| 铁壁(第二层) | cron | Task Scheduler | 5~15 分钟 | 配置值错误崩溃 |
📋 常用命令
macOS
# 手动回滚
python3 ~/.openclaw/workspace/.lib/config-safety/guard.py rollback
# 查看守护日志
tail -f ~/.openclaw/workspace/.lib/config-safety/guard.log
# 检查守护进程
launchctl list | grep config-guard
# 卸载
launchctl unload ~/Library/LaunchAgents/com.openclaw.config-guard.plist
crontab -e # 删除 config-safety 那行
Windows(命令提示符 / PowerShell)
:: 手动回滚
python %USERPROFILE%\.openclaw\workspace\.lib\config-safety\guard.py rollback
:: 查看任务状态
schtasks /query /tn "OpenClaw"
:: 卸载
schtasks /delete /tn "OpenClaw Config Guard" /f
schtasks /delete /tn "OpenClaw Health Check" /f
🎯 什么时候会触发保护
第一层(铜墙)触发: AI 修改配置文件时 JSON 语法写错(多余逗号、引号、花括号),1 秒内自动回滚。
第二层(铁壁)触发: JSON 语法正确但值错误(不存在模型名等),导致 Gateway 崩溃,5~15 分钟后自动恢复。
🔧 工作目录
macOS
~/.openclaw/workspace/.lib/config-safety/ # 守护脚本
~/.openclaw/config-backups/ # 配置文件备份(最多 10 份)
Windows
%USERPROFILE%\.openclaw\workspace\.lib\config-safety\ # 守护脚本
%USERPROFILE%\.openclaw\config-backups\ # 配置文件备份
⚠️ 重要提示
- 备份最多保留 10 份,自动清理旧备份
- 回滚恢复到最近一次成功备份
- 系统完全崩溃时:macOS
guard.py rollback,Windowsguard.py rollback即可 10 秒恢复
📤 分享到 ClawHub
打包 Skill:
python3 ~/.openclaw/skills/skill-creator/scripts/package_skill.py \
~/.openclaw/skills/config-modification-safety \
~/.openclaw/skills/config-modification-safety/dist
分享给其他用户后:
- macOS 用户:运行
install.sh - Windows 用户:运行
install.bat(管理员) - 门槛极低,体验极佳
安全使用建议
Do not run the provided install scripts as administrator until you verify the package contents. Specific issues to check before installing:
- Missing files: the installer expects com.openclaw.config-guard.plist, install.bat, and Windows PowerShell scripts referenced in windows/SKILL.md, but these files are not in the manifest. Ask the publisher for the missing artifacts or an updated package.
- Verify the 'openclaw' CLI referenced by restart_gateway exists on your system and that you trust it.
- Inspect the launchd plist and any Task Scheduler/PowerShell scripts (if provided) to confirm they run only the expected guard scripts and do not call external URLs or upload data.
- Run the installer in a sandbox or test machine first (not your production environment). Verify that backups are created in ~/.openclaw/config-backups and that rollback/restore behave as expected.
- On Windows, never double-click or run an install.bat as Administrator unless you have the complete package and have inspected the scripts. If the publisher cannot provide the missing files, treat the skill as incomplete and avoid installing.
功能分析
Type: OpenClaw Skill
Name: config-modification-safety
Version: 1.0.0
The skill implements a configuration watchdog that uses high-risk persistence mechanisms, including crontab and launchd on macOS and Task Scheduler on Windows, to monitor and automatically roll back changes to agent.json. While the stated intent is to provide safety against AI-induced configuration errors, the use of background persistence and automated service restarts (via guard.py and health-check.sh) constitutes high-risk behavior. Additionally, there is a discrepancy in scripts/health-check.sh where comments mention LLM-based checks that are not present in the code, and scripts/install.sh references a .plist file that was not included in the provided source bundle.
能力评估
Purpose & Capability
The name/description (config protection for OpenClaw) aligns with the included Python and shell scripts: they back up config files, validate JSON, roll back, and attempt to restart the Gateway. The scripts call an "openclaw gateway restart" command (assumes an OpenClaw CLI) which is reasonable for this purpose but is not declared as a required binary in the metadata.
Instruction Scope
SKILL.md and the scripts instruct installing persistent jobs (launchd + cron, or Task Scheduler/PowerShell on Windows) and to run install scripts as admin on Windows. However the install instructions reference files that are not present in the package (e.g., com.openclaw.config-guard.plist, install.bat, PowerShell scripts mentioned in windows SKILL.md). That mismatch means the runtime instructions are incomplete or inconsistent and could lead users to run admin-level installers that won't function correctly or will leave the system in an uncertain state.
Install Mechanism
There is no external network download (good), and installation is local copy + registering launchd/cron. But install.sh expects a plist at $HOME/.openclaw/skills/.../scripts/com.openclaw.config-guard.plist which is absent from the manifest. The Windows install path and helper files (install.bat, PowerShell watcher/health scripts) are also referenced but not included. Missing install artifacts make the install process unreliable and potentially risky if users try to supply/modify files themselves.
Credentials
The skill does not request credentials or environment variables in metadata. The health-check script optionally reads GATEWAY_URL from the environment (defaults to localhost), which is appropriate. No secret-exfiltration indicators or unrelated credential requirements are present.
Persistence & Privilege
The skill installs persistent watchdogs (launchd + cron on macOS, Task Scheduler on Windows) which is expected for this functionality. It does not set always:true. Windows installation requires administrator privileges per the documentation—this is reasonable for registering scheduled tasks but increases risk if the package is incomplete or malicious. The skill does not attempt to modify other skills' configs in the provided code.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install config-modification-safety - 安装完成后,直接呼叫该 Skill 的名称或使用
/config-modification-safety触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
首次发布。支持 macOS 和 Windows 双平台,零依赖安装。双层守护架构:配置变更监听(铜墙)+ 定时健康巡检(铁壁)。
元数据
常见问题
Config Modification Safety 是什么?
OpenClaw 配置安全守护。防止 AI 改坏配置文件的双层守护架构,支持 macOS 和 Windows。 触发场景:AI 修改配置文件后系统崩溃、JSON 语法错误导致 Gateway 无法启动、想给 OpenClaw 配置安全网。 核心功能: - 第一层(铜墙):配置文件变更时自动校验 JSON,语法错误... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 64 次。
如何安装 Config Modification Safety?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install config-modification-safety」即可一键安装,无需额外配置。
Config Modification Safety 是免费的吗?
是的,Config Modification Safety 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Config Modification Safety 支持哪些平台?
Config Modification Safety 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Config Modification Safety?
由 alexduming(@alexduming)开发并维护,当前版本 v1.0.0。
推荐 Skills