name	upgrade-guard
description	Safe OpenClaw upgrades with snapshot, pre-flight checks, controlled upgrade steps, post-verification, and emergency rollback. Never lose your working system to a bad update again.
metadata	{"openclaw":{"emoji":"🔄"}}

Upgrade Guard 🔄

Never lose a working OpenClaw to a bad upgrade again.

Born from 7 cascading failures during a single version jump. The gateway crashed, Telegram disconnected, plugins broke, models vanished — and the AI agent that caused it was also dead, so nobody could fix it remotely.

This skill makes upgrades safe.

The Problem

OpenClaw upgrades can break in ways that are invisible until it's too late:

Failure type	Example
Plugin renames	`clawdbot.plugin.json` → `openclaw.plugin.json`
Dependency breaks	SDK module paths change, exports shift
Config schema changes	New required fields, removed fields
Model name changes	Dot vs hyphen format changes
Channel config wipes	Silent removal during migration

A single git pull && pnpm install can trigger all of these simultaneously.

What Upgrade Guard Does

1. Snapshot (`snapshot`)

Captures your entire working state:

Version + git commit
Full config backup
Plugin file inventory
Symlink map
Lock file
Channel list + model info
Gateway health status

2. Pre-flight (`check`)

Before touching anything:

Snapshot exists?
Config valid?
Git repo clean?
Disk space OK?
Package manager available?
Remote changes preview
Breaking change detection (scans commit messages)

3. Safe Upgrade (`upgrade`)

Controlled 6-step process:

Pre-flight checks (abort if fail)
Fresh snapshot
Stop gateway
git pull (rollback on fail)
pnpm install + pnpm run build (rollback on fail)
Post-upgrade verification

4. Verification (`verify`)

After upgrade, checks everything:

Version actually changed?
Plugin files renamed/removed? (detects clawdbot↔openclaw renames)
Config still valid JSON?
All channels still configured?
Model still set?
No broken symlinks?
Gateway starts and responds?
No errors in recent logs?

5. Rollback (`rollback`)

Emergency restore:

Stop gateway
Restore git to previous commit
Reinstall old dependencies
Restore config
Restart gateway

Usage

# Before upgrading: take a snapshot
bash scripts/upgrade-guard.sh snapshot

# Check what's coming
bash scripts/upgrade-guard.sh check

# See current state
bash scripts/upgrade-guard.sh status

# Do the upgrade (safe, with auto-rollback on failure)
bash scripts/upgrade-guard.sh upgrade

# Or just preview without changing anything
bash scripts/upgrade-guard.sh upgrade --dry-run

# After upgrade: verify everything works
bash scripts/upgrade-guard.sh verify

# Something broke? Emergency rollback
bash scripts/upgrade-guard.sh rollback

For AI Agents

MANDATORY before any OpenClaw upgrade:

upgrade-guard.sh snapshot — save current state
upgrade-guard.sh check — verify pre-conditions
upgrade-guard.sh upgrade — let the script handle it
If anything fails → upgrade-guard.sh rollback

NEVER run blind git pull && pnpm install without snapshotting first.

What It Catches That config-guard Doesn't

Check	config-guard	upgrade-guard
Bad config values	✅	❌
Plugin file renames	❌	✅
Dependency breaks	❌	✅
Broken symlinks	❌	✅
Version tracking	❌	✅
Git state management	❌	✅
Gateway log analysis	❌	✅
Full system rollback	❌	✅

Use both together: config-guard for config changes, upgrade-guard for version upgrades.

Watchdog — OS-Level Self-Healing

The watchdog runs independently via systemd timer. It survives gateway crashes, AI agent death, and server reboots.

# Install (checks every 60 seconds)
bash scripts/watchdog.sh install

# Check health manually
bash scripts/watchdog.sh check

# View status and recent events
bash scripts/watchdog.sh status

# Remove
bash scripts/watchdog.sh uninstall

Recovery strategy:

Consecutive failures	Action
1-2	Log and wait
3	Restart gateway
6+	Rollback to last snapshot

What it checks:

Process — is the gateway process running?
HTTP — does the gateway respond on its port?
Telegram — any connection errors in recent logs?

Why it works when everything else fails:

Runs as systemd timer — survives gateway crash, AI death, reboots
Checks every 60 seconds — detects problems fast
5-minute cooldown between actions — no restart loops
Uses upgrade-guard's rollback — full version restore if restart doesn't help
Logs everything to watchdog.log for post-mortem

Install

clawdhub install upgrade-guard
# or clone directly
git clone https://github.com/jzOcb/upgrade-guard

Requirements

bash 4+
python3
curl
git
pnpm or npm

config-guard — Config validation and auto-rollback
agent-guardrails — Code-level enforcement for AI agents

name	upgrade-guard
description	Safe OpenClaw upgrades with snapshot, pre-flight checks, controlled upgrade steps, post-verification, and emergency rollback. Never lose your working system to a bad update again.
metadata	{"openclaw":{"emoji":"🔄"}}

Upgrade Guard 🔄

Never lose a working OpenClaw to a bad upgrade again.

This skill makes upgrades safe.

The Problem

OpenClaw upgrades can break in ways that are invisible until it's too late:

Failure type	Example
Plugin renames	`clawdbot.plugin.json` → `openclaw.plugin.json`
Dependency breaks	SDK module paths change, exports shift
Config schema changes	New required fields, removed fields
Model name changes	Dot vs hyphen format changes
Channel config wipes	Silent removal during migration

A single git pull && pnpm install can trigger all of these simultaneously.

What Upgrade Guard Does

1. Snapshot (`snapshot`)

Captures your entire working state:

Version + git commit
Full config backup
Plugin file inventory
Symlink map
Lock file
Channel list + model info
Gateway health status

2. Pre-flight (`check`)

Before touching anything:

Snapshot exists?
Config valid?
Git repo clean?
Disk space OK?
Package manager available?
Remote changes preview
Breaking change detection (scans commit messages)

3. Safe Upgrade (`upgrade`)

Controlled 6-step process:

Pre-flight checks (abort if fail)
Fresh snapshot
Stop gateway
git pull (rollback on fail)
pnpm install + pnpm run build (rollback on fail)
Post-upgrade verification

4. Verification (`verify`)

After upgrade, checks everything:

Version actually changed?
Plugin files renamed/removed? (detects clawdbot↔openclaw renames)
Config still valid JSON?
All channels still configured?
Model still set?
No broken symlinks?
Gateway starts and responds?
No errors in recent logs?

5. Rollback (`rollback`)

Emergency restore:

Stop gateway
Restore git to previous commit
Reinstall old dependencies
Restore config
Restart gateway

Usage

# Before upgrading: take a snapshot
bash scripts/upgrade-guard.sh snapshot

# Check what's coming
bash scripts/upgrade-guard.sh check

# See current state
bash scripts/upgrade-guard.sh status

# Do the upgrade (safe, with auto-rollback on failure)
bash scripts/upgrade-guard.sh upgrade

# Or just preview without changing anything
bash scripts/upgrade-guard.sh upgrade --dry-run

# After upgrade: verify everything works
bash scripts/upgrade-guard.sh verify

# Something broke? Emergency rollback
bash scripts/upgrade-guard.sh rollback

For AI Agents

MANDATORY before any OpenClaw upgrade:

upgrade-guard.sh snapshot — save current state
upgrade-guard.sh check — verify pre-conditions
upgrade-guard.sh upgrade — let the script handle it
If anything fails → upgrade-guard.sh rollback

NEVER run blind git pull && pnpm install without snapshotting first.

What It Catches That config-guard Doesn't

Check	config-guard	upgrade-guard
Bad config values	✅	❌
Plugin file renames	❌	✅
Dependency breaks	❌	✅
Broken symlinks	❌	✅
Version tracking	❌	✅
Git state management	❌	✅
Gateway log analysis	❌	✅
Full system rollback	❌	✅

Use both together: config-guard for config changes, upgrade-guard for version upgrades.

Watchdog — OS-Level Self-Healing

The watchdog runs independently via systemd timer. It survives gateway crashes, AI agent death, and server reboots.

# Install (checks every 60 seconds)
bash scripts/watchdog.sh install

# Check health manually
bash scripts/watchdog.sh check

# View status and recent events
bash scripts/watchdog.sh status

# Remove
bash scripts/watchdog.sh uninstall

Recovery strategy:

Consecutive failures	Action
1-2	Log and wait
3	Restart gateway
6+	Rollback to last snapshot

What it checks:

Process — is the gateway process running?
HTTP — does the gateway respond on its port?
Telegram — any connection errors in recent logs?

Why it works when everything else fails:

Runs as systemd timer — survives gateway crash, AI death, reboots
Checks every 60 seconds — detects problems fast
5-minute cooldown between actions — no restart loops
Uses upgrade-guard's rollback — full version restore if restart doesn't help
Logs everything to watchdog.log for post-mortem

Install

clawdhub install upgrade-guard
# or clone directly
git clone https://github.com/jzOcb/upgrade-guard

Requirements

bash 4+
python3
curl
git
pnpm or npm

config-guard — Config validation and auto-rollback
agent-guardrails — Code-level enforcement for AI agents

upgrade-guard

Upgrade Guard 🔄

The Problem

What Upgrade Guard Does

1. Snapshot (`snapshot`)

2. Pre-flight (`check`)

3. Safe Upgrade (`upgrade`)

4. Verification (`verify`)

5. Rollback (`rollback`)

Usage

For AI Agents

What It Catches That config-guard Doesn't

Watchdog — OS-Level Self-Healing

Recovery strategy:

What it checks:

Why it works when everything else fails:

Install

Requirements

Related

Upgrade Guard 🔄

The Problem

What Upgrade Guard Does

1. Snapshot (`snapshot`)

2. Pre-flight (`check`)

3. Safe Upgrade (`upgrade`)

4. Verification (`verify`)

5. Rollback (`rollback`)

Usage

For AI Agents

What It Catches That config-guard Doesn't

Watchdog — OS-Level Self-Healing

Recovery strategy:

What it checks:

Why it works when everything else fails:

Install

Requirements

Related

upgrade-guard

Upgrade Guard 🔄

The Problem

What Upgrade Guard Does

1. Snapshot (snapshot)

2. Pre-flight (check)

3. Safe Upgrade (upgrade)

4. Verification (verify)

5. Rollback (rollback)

Usage

For AI Agents

What It Catches That config-guard Doesn't

Watchdog — OS-Level Self-Healing

Recovery strategy:

What it checks:

Why it works when everything else fails:

Install

Requirements

Related

Upgrade Guard 🔄

The Problem

What Upgrade Guard Does

1. Snapshot (snapshot)

2. Pre-flight (check)

3. Safe Upgrade (upgrade)

4. Verification (verify)

5. Rollback (rollback)

Usage

For AI Agents

What It Catches That config-guard Doesn't

Watchdog — OS-Level Self-Healing

Recovery strategy:

What it checks:

Why it works when everything else fails:

Install

Requirements

Related

1. Snapshot (`snapshot`)

2. Pre-flight (`check`)

3. Safe Upgrade (`upgrade`)

4. Verification (`verify`)

5. Rollback (`rollback`)

1. Snapshot (`snapshot`)

2. Pre-flight (`check`)

3. Safe Upgrade (`upgrade`)

4. Verification (`verify`)

5. Rollback (`rollback`)