Config Guardian
Overview
Use this workflow whenever editing ~/.openclaw/openclaw.json or running openclaw config set/apply. It prevents invalid config, creates backups, validates against schema, and enables rollback.
Workflow (use every time)
- •
Preflight
- •Confirm the requested change and scope.
- •Check for sensitive keys (tokens, credentials).
- •
Backup
- •Run
scripts/backup_config.shto create a timestamped snapshot.
- •Run
- •
Validate (before change)
- •Run
scripts/validate_config.sh. - •If validation fails, stop and report.
- •Run
- •
Apply change
- •Prefer
openclaw config set <path> <value>for small changes. - •For complex edits, edit the file directly and keep diffs minimal.
- •Prefer
- •
Validate (after change)
- •Run
scripts/validate_config.shagain. - •If it fails, restore from backup with
scripts/restore_config.sh.
- •Run
- •
Restart (only with explicit approval)
- •If change requires restart, ask for approval first.
- •Use
openclaw gateway restart.
Guardrails
- •Never restart or apply config without explicit user approval.
- •Never remove keys or reorder blocks unless requested.
- •Always keep a backup before edits.
- •If unsure about schema: run
openclaw doctor --non-interactiveand stop on errors.
Scripts
- •
scripts/backup_config.sh— create timestamped backup - •
scripts/validate_config.sh— validate config via OpenClaw doctor - •
scripts/diff_config.sh— diff current config vs backup - •
scripts/restore_config.sh— restore backup
Validation
- •Use
openclaw doctor --non-interactivefor schema validation - •This checks against the actual schema that the gateway uses
- •Warns about unknown keys, invalid types, and security issues