← 返回 Skills 市场
mike-alford

Config-Sentinel

作者 Mike-Alford · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
151
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install config-sentinel
功能描述
A strict guardrail for OpenClaw config changes. Snapshot before editing, validate after editing, and rollback immediately when config health fails. Built to...
使用说明 (SKILL.md)

Config-Sentinel

Use this skill whenever you are modifying OpenClaw configuration.

This is not a soft suggestion. Config changes are high-risk operations. A single bad edit can break agent routing, bindings, startup behavior, or entire multi-agent setups.

If config integrity matters, do not skip this workflow.

This skill is especially useful for:

  • manual edits to the main OpenClaw config file
  • scripted config patches
  • agent/binding/channel changes
  • diagnosing whether a config file is malformed or incomplete
  • recovering from a broken config change

Purpose

Config-Sentinel exists because successful writes are not the same as healthy config.

A config file can be:

  • syntactically broken
  • structurally incomplete
  • silently truncated
  • internally inconsistent
  • accepted by an editor but dangerous at runtime

This skill enforces a strict safety workflow:

  1. snapshot before changes
  2. validate after changes
  3. rollback immediately if validation fails
  4. run health checks when config behavior looks suspicious

Approval Rule

Do not change OpenClaw config without explicit user approval.

Snapshot/rollback protects against corruption. It does not replace human approval.

The correct order is:

  1. get approval to make the config change
  2. run pre-change
  3. make the change
  4. run validate
  5. rollback if needed
  6. report the result clearly

Core Workflow

Before editing config:

scripts/sentinel.sh pre-change

After editing config:

scripts/sentinel.sh validate

If validation fails:

scripts/sentinel.sh rollback

For an on-demand health check:

scripts/sentinel.sh health

Non-negotiable rule

Do not edit config first and hope validation will save you later.

The correct order is always:

  1. snapshot
  2. edit
  3. validate
  4. rollback if needed

What It Protects Against

Config-Sentinel is designed to catch or soften failures such as:

  • malformed JSON
  • incomplete or truncated config writes
  • missing agent entries
  • bindings that reference missing agents
  • invalid channel/account structure
  • missing expected config file after an edit
  • accidental regressions after a patch

It also creates recovery points so rollback is straightforward.

Features

Pre-change snapshot

Before any config edit, create:

  • a timestamped backup copy
  • a git snapshot when the config directory is in a git repo
  • a remembered last-known-good revision for rollback

Validation

After a config change, validate:

  • JSON parseability
  • presence of expected high-level keys
  • minimum agent count threshold
  • bindings referencing real agent ids
  • optional required workspace files
  • optional provider-specific checks

Rollback

Restore the last-known-good config snapshot if a change breaks structure or validation.

Health check

Run validation without making changes to assess config health.

Strict posture

This skill is intentionally strict. Config changes are one of the easiest ways to break a working OpenClaw setup.

Defaults and Overrides

The helper script uses sensible defaults, but supports environment overrides.

Default paths

  • config file: ~/.openclaw/openclaw.json
  • sentinel state dir: ~/.openclaw/.sentinel

Optional environment variables

  • CONFIG_SENTINEL_CONFIG_FILE
  • CONFIG_SENTINEL_DIR
  • CONFIG_SENTINEL_MIN_AGENTS
  • CONFIG_SENTINEL_REQUIRED_FILES
  • CONFIG_SENTINEL_VALIDATE_BINDINGS
  • CONFIG_SENTINEL_VALIDATE_TELEGRAM_TOKENS

This allows the skill to adapt to different setups while keeping a strict default posture.

Best Practice Pattern

When an agent is asked to change config, the safe pattern is:

  1. run pre-change
  2. apply the config change
  3. run validate
  4. if validation fails, run rollback
  5. tell the user clearly whether the config is healthy

Do not silently edit config without a recovery path. Do not trust a successful write alone. Do not continue after validation failure unless the user explicitly wants forensic inspection instead of safety.

Generic Example

Good

scripts/sentinel.sh pre-change
# edit config
scripts/sentinel.sh validate || scripts/sentinel.sh rollback

Good agent wording

  • “I created a config snapshot before editing.”
  • “Validation passed after the patch.”
  • “Validation failed, so I rolled back to the last-known-good config.”

Bad

  • editing config directly with no snapshot
  • assuming the file is fine because the write completed
  • continuing after parse errors or missing agent references

Notes

This skill does not run continuously. It is an on-demand guardrail for risky config operations.

Use it whenever config integrity matters more than speed. If you are about to patch or rewrite config and you are tempted to skip the snapshot step, that is exactly when you should not skip it.

Summary

Config-Sentinel helps make OpenClaw config changes safer by combining:

  • snapshots
  • validation
  • rollback
  • health checks

The goal is simple:

make config edits recoverable instead of catastrophic.

安全使用建议
This skill appears to do exactly what it claims: take backups, validate OpenClaw config, and restore it if needed. Before installing or running it: 1) inspect scripts/sentinel.sh yourself (you have it) and confirm you trust it; 2) ensure python3 is available (the script uses python3 inline) and git is available if you want git snapshots; 3) be aware it will write backups/logs to ~/.openclaw/.sentinel and may overwrite ~/.openclaw/openclaw.json on rollback — ensure directory permissions and storage are acceptable; 4) remember to run scripts/sentinel.sh pre-change before editing and obtain human approval as recommended; 5) if your config contains secrets (API tokens) consider where backups/logs are stored and whether they need extra protection. Overall: coherent and appropriate for its purpose, with the small metadata/requirements mismatch noted above.
功能分析
Type: OpenClaw Skill Name: config-sentinel Version: 1.0.0 The config-sentinel skill is a utility designed to provide safety guardrails (backups, validation, and rollbacks) when modifying OpenClaw configuration files. The shell script (scripts/sentinel.sh) performs local file operations, git commits for versioning, and basic JSON validation using Python, all of which are consistent with its stated purpose of preventing configuration corruption.
能力评估
Purpose & Capability
The skill's name, SKILL.md, and included script align: it snapshots (~/.openclaw/.sentinel), validates (~/.openclaw/openclaw.json by default), and can rollback. Minor mismatch: the script relies on python3 (and optionally git) but the registry metadata did not list these as required binaries.
Instruction Scope
SKILL.md and scripts/sentinel.sh stay within scope: they read the configured OpenClaw config file, optionally check files referenced by agent workspaces, create backups, commit/restore from git if available, and validate JSON/structure. No external network endpoints or data exfiltration are present in the script.
Install Mechanism
Instruction-only skill with a bundled Bash script; no install/downloads or package installs. Nothing is fetched from external URLs or written outside the sentinel/config directories except for restoring the target config file (intended behavior).
Credentials
No credentials or secrets are required. Optional env vars control paths and validation toggles (including a flag to check Telegram tokens). The script reads config content (which may contain tokens) but does not transmit them externally; ensure you understand that sensitive tokens may be read and potentially appear in local logs/backups.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It writes backups and logs to ~/.openclaw/.sentinel and may overwrite the config on rollback — this is expected for a rollback tool, not an unexplained privilege escalation.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install config-sentinel
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /config-sentinel 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: strict guardrail for OpenClaw config changes with approval-first workflow, snapshots, validation, rollback, and health checks.
元数据
Slug config-sentinel
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Config-Sentinel 是什么?

A strict guardrail for OpenClaw config changes. Snapshot before editing, validate after editing, and rollback immediately when config health fails. Built to... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 151 次。

如何安装 Config-Sentinel?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install config-sentinel」即可一键安装,无需额外配置。

Config-Sentinel 是免费的吗?

是的,Config-Sentinel 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Config-Sentinel 支持哪些平台?

Config-Sentinel 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Config-Sentinel?

由 Mike-Alford(@mike-alford)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论