← 返回 Skills 市场
371
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-safe-upgrade
功能描述
Safe OpenClaw upgrade with instant rollback. Use when user says "upgrade openclaw", "update openclaw", "check for updates", or any request to upgrade/update...
功能分析
Type: OpenClaw Skill
Name: openclaw-safe-upgrade
Version: 1.0.0
The skill implements an upgrade utility that uses 'systemd-run' to escape the gateway's cgroup and service lifecycle, ensuring the script survives the service restart it triggers. While functionally justified for a self-upgrade, this technique is a high-risk process isolation bypass. Additionally, the script performs global package installations ('npm i -g'), executes arbitrary scripts found in the workspace ('service-quick-check.py'), and automatically performs 'git push' operations on the workspace. These behaviors, while aligned with the stated purpose in 'SKILL.md' and 'scripts/safe-upgrade.sh', represent a significant and broad attack surface.
能力评估
Purpose & Capability
The skill claims to perform a safe OpenClaw upgrade — and the bundled script does exactly that. However the skill metadata declares no required binaries or environment variables while the script relies on many external tools (npm, python3, systemd-run/systemctl, curl, tar, openclaw CLI, pkill, etc.). Those undeclared dependencies are a capability–purpose mismatch and should have been listed in requires.binaries. Also the script reads and writes many OpenClaw files (configs, crons, installation directories) which is consistent with an upgrade but increases the blast radius if misused.
Instruction Scope
SKILL.md and the script stay within the stated upgrade task, but the script also conditionally runs 'optional hooks' found in the workspace (golden-snapshot.sh, service-quick-check.py). Executing arbitrary files from a user's workspace during an upgrade can run arbitrary code and is a notable risk unless you explicitly control those files. The script also reads config files (openclaw.json, cron jobs, acpx config) which may contain secrets/tokens; while it doesn't appear to send them externally, reading them is necessary for the task but should be noted.
Install Mechanism
There is no install spec (instruction-only + bundled script), which is low risk in terms of supply-chain downloads. However the runtime does perform network operations (npm view / npm i -g) and extracts tarballs into system paths — these are network-backed actions executed at runtime rather than via a controlled installer. The lack of an install step is expected for an instruction-only skill, but you should be aware the script will contact npm and perform global installs.
Credentials
The skill declares no required env vars, but the script uses _UPGRADE_FORCE_ESCAPE / _UPGRADE_ESCAPED (control flags) and optionally OPENCLAW_WORKSPACE; it also reads $HOME/.openclaw/openclaw.json and other user files which may contain gateway auth tokens. Not declaring required binaries and not warning about possible sensitive config reads is a proportionality issue: upgrading reasonably needs access to install/config files, but the metadata should state this and request explicit user consent.
Persistence & Privilege
The skill does not request always:true and does not try to permanently enable itself; it creates files under the user's home (~/.openclaw/upgrade-backups, result/log files) and launches a transient systemd user scope to survive gateway restart. Those behaviors are coherent with an upgrade tool. One practical concern: the script writes/extracts into /usr/lib/node_modules/ (global install path) and expects to be able to start/stop systemd services — this implies it assumes the running user has permission to manage the OpenClaw installation and systemd units. That privilege assumption is not declared and may fail or require elevation.
scan_findings_in_context
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-safe-upgrade - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-safe-upgrade触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release — atomic OpenClaw upgrade with auto-rollback, cgroup escape for systemd survival, acpx preservation, breaking change detection
元数据
常见问题
OpenClaw Safe Upgrade 是什么?
Safe OpenClaw upgrade with instant rollback. Use when user says "upgrade openclaw", "update openclaw", "check for updates", or any request to upgrade/update... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 371 次。
如何安装 OpenClaw Safe Upgrade?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-safe-upgrade」即可一键安装,无需额外配置。
OpenClaw Safe Upgrade 是免费的吗?
是的,OpenClaw Safe Upgrade 完全免费(开源免费),可自由下载、安装和使用。
OpenClaw Safe Upgrade 支持哪些平台?
OpenClaw Safe Upgrade 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Safe Upgrade?
由 Ali Aziz(@aliahmadaziz)开发并维护,当前版本 v1.0.0。
推荐 Skills