A community-driven registry for Claude, Cursor, Windsurf, Cline & more. Not affiliated with Anthropic.
Are you the author? Sign in to claim
Stop AI agents from crashing OpenClaw by validating config changes. Auto-backup, schema validation, and auto-rollback.
Prompts are suggestions. Code is law.
OpenClaw agents have full access to openclaw.json — the file that controls the gateway, channels, models, and tools. One bad edit = gateway crash. Agent goes offline. Nobody can fix it remotely.
This skill prevents that.
Real incidents (all from the same day):
| What happened | Root cause |
|---|---|
| Gateway crashed after update | AI added unknown config fields (auth, fallbacks) |
| Model not found | AI wrote claude-sonnet-4.5 (dots) instead of claude-sonnet-4-5 (hyphens) |
| Telegram stopped working | Config change silently wiped the channel section |
| browser.profiles error | AI forgot the required color field (must be hex) |
| Plugin SDK missing | Update broke module paths, no validation caught it |
7 cascading failures. 1 root cause: AI doesn't know correct config formats. It guesses.
browser.profiles.color)# Install via ClawHub
clawdhub install config-guard
# Or clone directly
git clone https://github.com/jzOcb/config-guard
# Validate current config
bash scripts/config-guard.sh check
# Validate → backup → apply → verify (with auto-rollback)
bash scripts/config-guard.sh apply --restart
# Show what changed vs last backup
bash scripts/config-guard.sh diff
# Emergency rollback
bash scripts/config-guard.sh rollback
cp scripts/pre-config-hook.sh /path/to/repo/.git/hooks/pre-commit
| Check | What it catches |
|---|---|
| JSON syntax | Malformed JSON, trailing commas, unquoted keys |
| Unknown top-level keys | AI inventing fields like fallbacks, auth |
| Model name format | claude-sonnet-4.5 → should be claude-sonnet-4-5 |
| browser.profiles.color | Missing required field, non-hex values |
| Placeholder values | your-token-here, sk-xxx in sensitive fields |
| Empty primary model | No model configured = agent can't think |
| Telegram channel wipe | Silent removal of channel config |
| Auth token removal | Gateway auth accidentally deleted |
| Tool deny list changes | Security-critical tools removed from deny |
MANDATORY WORKFLOW when editing openclaw.json:
config-guard.sh check before ANY changegateway config.schemaconfig-guard.sh apply --restart after changesconfig-guard.sh rollbackbash 4+python3curl| Tool | What It Prevents |
|---|---|
| agent-guardrails | AI rewrites validated code, leaks secrets, bypasses standards |
| config-guard | AI writes malformed config, crashes gateway |
| upgrade-guard | Version upgrades break dependencies, no rollback |
| token-guard | Runaway token costs, budget overruns |
| process-guardian | Background processes die silently, no auto-recovery |
📖 Read the full story: I audited my own AI agent system and found it full of holes
MIT
This skill is one of four guards in the hardening toolkit:
| Guard | Purpose | Protects Against |
|---|---|---|
| agent-guardrails | Pre-commit hooks + secret detection | Code leaks, unsafe commits |
| config-guard | Config validation + auto-rollback | Gateway crashes from bad config |
| upgrade-guard | Safe upgrades + watchdog | Update failures, cascading breaks |
| token-guard | Usage monitoring + cost alerts | Budget overruns, runaway costs |
📚 Full writeup: 4-Layer Defense System for AI Agents
1000+ skills curated from Anthropic, Vercel, Stripe, and other engineering teams
Claude Code skill for YouTube creators — channel audits, video SEO, retention scripts, thumbnails, content strategy, Sho
Design enforcement with memory — keeps your UI consistent across a project
AI image generation skill for Claude Code -- Creative Director powered by Gemini