OpenSkillIndex← back to search
claude-codeopenclawautomation

Skills wolverine

Supervised self-healing process manager for OpenClaw. Wraps your gateway in a crash recovery loop — catches errors, diagnoses with AI, proposes fixes for review, verifies them, and restarts. Includes runtime code injection detection (33 patterns), automatic backup/rollback, and semantic memory that learns from past fixes.

install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/bobbyswhip/wolverine-ai" ~/.claude/skills/openclaw-skills-wolverine && rm -rf "$T"
OpenClaw · Install into ~/.openclaw/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/bobbyswhip/wolverine-ai" ~/.openclaw/skills/openclaw-skills-wolverine && rm -rf "$T"
manifest: skills/bobbyswhip/wolverine-ai/SKILL.md
tags
#self-healing#error-handling#ai-assisted#security#automation#recovery
source content

Wolverine — Self-Healing Process Manager

EXPERIMENTAL: This skill wraps your OpenClaw gateway in a supervised repair and security layer. Do not use in workspaces with critical production data until you have tested in a staging environment. All file modifications create backups first and can be rolled back.

What It Does

Wolverine watches your OpenClaw process. When it crashes, Wolverine:

  1. Captures the error (crash or caught 500)
  2. Diagnoses it with AI (Anthropic or OpenAI)
  3. Proposes a code fix
  4. Verifies the fix (syntax check + boot probe)
  5. Restarts — with rollback if the fix fails

Most errors are resolved in 3–60 seconds for $0.00–$0.10 in AI tokens. All changes are backed up before being applied.

Quick Start

npx wolverine-ai@latest --setup-claw

One command. Detects your 

.openclaw/config.yml
, merges settings, scaffolds 
wolverine-claw/
. Zero code changes needed.

Healing Pipeline

Error detected (crash or 500)
  → Empty stderr? → Just restart ($0.00)
  → Operational fix? → npm install / chmod / kill port ($0.00)
  → AI diagnosis → proposes code fix
  → Verify → syntax check + boot probe
  → Pass? → Apply fix, restart
  → Fail? → Rollback to backup, try next approach
  → 3 failures on same error → stop, file bug report for human review

Safety controls:

  • 5 heals max per 5 minutes (prevents runaway costs)
  • 3 failures on same error → stops and notifies human
  • 5-minute timeout per heal attempt
  • All fixes create a backup before applying
  • Protected paths: 
    src/
    , 
    bin/
    , 
    node_modules/
    , 
    .env
    files cannot be modified

Code Guard — Injection Detection

33 static analysis patterns scan code for injection attacks:

  • eval/Function injection
    eval(req.body.code)
    blocked
  • Command injection
    execSync(req.query.cmd)
    blocked
  • Prototype pollution
    __proto__[key] = value
    blocked
  • Dynamic require
    require(req.query.module)
    blocked
  • SSRF
    fetch(req.query.url)
    blocked
  • Reverse shells
    spawn("/bin/sh")
    blocked
  • Obfuscation — encoded payloads detected and blocked
  • Execution boundary — code loaded from outside project root blocked

Blocked files are quarantined with forensic logs (code hash, stack trace, timestamp) for review.

Backup & Rollback

Every fix creates a backup first. Nothing is lost.

wolverine --backup "before risky change"
wolverine --rollback-latest
wolverine --undo-rollback

Backups stored in 

~/.wolverine-safe-backups/
— outside the project directory, survives 
git pull
and reinstalls.

Lifecycle: UNSTABLE → VERIFIED → STABLE (30min of no crashes).

Brain — Semantic Memory

Vector store that learns from every fix. Before calling AI, Wolverine searches past solutions.

  • Repeat errors resolved for $0.00 (cached fix)
  • Sub-millisecond search even at 10K+ entries

Security Stack

LayerWhat It Does
Code Guard33 injection patterns, quarantine, forensic logging
Injection Detector50+ prompt injection patterns before AI sees error text
Secret RedactorScrubs API keys from all AI calls, logs, and memory
SandboxFile access restricted to project directory only
Rate LimiterPrevents runaway AI costs
Blocked Commands18 dangerous shell patterns rejected

Configuration

Edit 

wolverine-claw/config/settings.json
:

{
  "gateway": { "port": 18789 },
  "agent": { "model": "claude-sonnet-4-6", "maxTurns": 25 },
  "healing": { "enabled": true, "maxHealsPerWindow": 5 },
  "security": { "sandbox": true }
}

Secrets in 

.env.local
only:

ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-proj-...     # optional, for embeddings

Commands

wolverine-claw --setup     # guided onboarding
wolverine --claw            # start with healing
wolverine-claw --direct     # start without healing (debug)
wolverine --backup "msg"    # create snapshot
wolverine --rollback-latest # restore last snapshot
wolverine --update          # safe framework upgrade (never touches your code)

Key Constraints

  • All file modifications backed up first — rollback always available
  • Healing restricted to 
    server/
    and 
    wolverine-claw/
    directories
  • Framework code (
    src/
    , 
    bin/
    ) is read-only
  • Max 5 heals per 5 minutes, 3 failures = stop
  • Token budgets capped: simple=20K, moderate=50K, complex=100K

Cost

Most fixes: $0.00–$0.01. Complex multi-file: $0.05–$0.10. Idle: $0.00.

Links