OpenClaw Config Guard
Audit first. Repair only when the fix is proven. Protect startup over aesthetics.
Required Sources
Before making any judgment, open the official docs listed in references/official-sources.md. Treat them as the source of truth for schema, allowed values, and repair guidance. Do not rely on memory for config rules.
Workflow
- 1. Resolve the active config path:
CODEBLOCK0
If that fails, fall back to ~/.openclaw/openclaw.json.
- 2. Run a deterministic audit before touching the file:
CODEBLOCK1
This wraps:
- - �INLINECODE1
- optional �INLINECODE2
- 3. Classify findings:
- -
startup blockers: JSON5 parse failures, schema validation failures, unknown keys, wrong types, invalid enum values, missing required structure, or clearly conflicting settings that prevent startup. - INLINECODE4�: suspicious but non-blocking items such as duplicate plugin IDs, stale-but-working config, style cleanup, or non-critical hardening suggestions.
- 4. Decide whether you may auto-fix:
- - Only auto-fix if the issue is a startup blocker.
- Only auto-fix if the docs or CLI output clearly show the correct repair.
- Prefer
openclaw config set / openclaw config unset for exact path edits. - Use manual JSON5 edits only when the CLI cannot express the required change and preserving comments or structure matters.
- Never run
openclaw doctor --fix by default. - Never restart OpenClaw by default.
- 5. Backup before any write:
CODEBLOCK2
- 6. Re-validate after any write:
CODEBLOCK3
If post-change validation fails, roll back immediately from the backup and say so in the report.
- 7. Summarize what changed:
CODEBLOCK4
If you want a deterministic report frame, prepare a JSON manifest and run:
CODEBLOCK5
INLINECODE8� means the directory that contains this SKILL.md. Resolve relative paths against this skill directory instead of assuming any environment variable is set.
Decision Boundaries
- - Do not change non-blocking issues without user approval.
- Do not guess undocumented keys or values.
- Do not rewrite the whole config just to normalize formatting.
- Do not claim success without rerunning validation.
- Do not leave the user without a backup path, modified paths list, and post-change validation result.
Report Requirements
The final Markdown report must include:
- - official sources consulted
- active config path
- pre-change validation result
- startup blockers found
- automatic fixes applied
- issues intentionally not auto-fixed and why
- non-blocking recommendations for user decision
- modified config paths
- backup path
- post-change validation result
- whether manual restart is needed, and why
Resources
技能名称:openclaw-config-guard
详细描述:
OpenClaw 配置守护
先审计。仅在修复方案得到验证后才进行修复。优先保障启动功能,而非美观性。
必需参考源
做出任何判断前,请先打开 references/official-sources.md 中列出的官方文档。将其视为模式、允许值及修复指南的权威来源。切勿依赖记忆处理配置规则。
工作流程
- 1. 解析当前配置路径:
bash
python3 /scripts/config_guard.py resolve-path --json
若失败,则回退至 ~/.openclaw/openclaw.json。
- 2. 在修改文件前执行确定性审计:
bash
python3 /scripts/config_guard.py audit --doctor
该命令包含:
- - openclaw config validate --json
- 可选的 openclaw doctor --non-interactive
- 3. 对发现的问题进行分类:
- - 启动阻塞项:JSON5 解析失败、模式验证失败、未知键、类型错误、无效枚举值、缺少必需结构,或明显冲突导致无法启动的设置。
- 建议项:可疑但非阻塞的问题,例如重复的插件 ID、过时但仍可运行的配置、样式清理,或非关键性强化建议。
- 4. 判断是否可自动修复:
- - 仅当问题为启动阻塞项时方可自动修复。
- 仅当文档或 CLI 输出明确显示正确修复方案时方可自动修复。
- 优先使用 openclaw config set / openclaw config unset 进行精确路径编辑。
- 仅在 CLI 无法表达所需更改且需保留注释或结构时,才手动编辑 JSON5。
- 默认不执行 openclaw doctor --fix。
- 默认不重启 OpenClaw。
- 5. 任何写入操作前先备份:
bash
python3 /scripts/config_guard.py backup --json
- 6. 任何写入操作后重新验证:
bash
python3 /scripts/config_guard.py validate --doctor --json
若变更后验证失败,立即从备份回滚,并在报告中说明。
- 7. 总结变更内容:
bash
python3 /scripts/config_guard.py diff --before /path/to/before --after /path/to/after --json
如需确定性报告框架,可准备 JSON 清单并运行:
bash
python3 /scripts/config_guard.py report --manifest /path/to/manifest.json
指包含此 SKILL.md 的目录。请基于此技能目录解析相对路径,而非假设任何环境变量已设置。
决策边界
- - 未经用户批准,不得更改非阻塞问题。
- 不得猜测未记录的键或值。
- 不得为统一格式而重写整个配置。
- 未重新运行验证前,不得声称成功。
- 必须向用户提供备份路径、修改路径列表及变更后验证结果。
报告要求
最终 Markdown 报告必须包含:
- - 所参考的官方源
- 当前配置路径
- 变更前验证结果
- 发现的启动阻塞项
- 已应用的自动修复
- 有意未自动修复的问题及原因
- 供用户决策的非阻塞建议
- 修改的配置路径
- 备份路径
- 变更后验证结果
- 是否需要手动重启及原因
资源
