Wolverine — Self-Healing Process Manager
by @bobbyswhip
Supervised self-healing process manager for OpenClaw. Wraps your gateway in a crash recovery loop — catches errors, diagnoses with AI, proposes fixes for rev...
clawhub install wolverine-ai📖 About This Skill
name: wolverine description: Supervised self-healing process manager for OpenClaw. Wraps your gateway in a crash recovery loop — catches errors, diagnoses with AI, proposes fixes for review, verifies them, and restarts. Includes runtime code injection detection (33 patterns), automatic backup/rollback, and semantic memory that learns from past fixes. metadata: openclaw: requires: env: - ANTHROPIC_API_KEY anyBins: - node bins: - npm primaryEnv: ANTHROPIC_API_KEY emoji: "\U0001F43A" homepage: https://github.com/bobbyswhip/Wolverine install: - kind: node package: wolverine-ai bins: - wolverine - wolverine-claw
Wolverine — Self-Healing Process Manager
> EXPERIMENTAL: This skill wraps your OpenClaw gateway in a supervised repair and security layer. Do not use in workspaces with critical production data until you have tested in a staging environment. All file modifications create backups first and can be rolled back.
What It Does
Wolverine watches your OpenClaw process. When it crashes, Wolverine:
1. Captures the error (crash or caught 500) 2. Diagnoses it with AI (Anthropic or OpenAI) 3. Proposes a code fix 4. Verifies the fix (syntax check + boot probe) 5. Restarts — with rollback if the fix fails
Most errors are resolved in 3–60 seconds for $0.00–$0.10 in AI tokens. All changes are backed up before being applied.
Quick Start
npx wolverine-ai@latest --setup-claw
One command. Detects your .openclaw/config.yml, merges settings, scaffolds wolverine-claw/. Zero code changes needed.
Healing Pipeline
Error detected (crash or 500)
→ Empty stderr? → Just restart ($0.00)
→ Operational fix? → npm install / chmod / kill port ($0.00)
→ AI diagnosis → proposes code fix
→ Verify → syntax check + boot probe
→ Pass? → Apply fix, restart
→ Fail? → Rollback to backup, try next approach
→ 3 failures on same error → stop, file bug report for human review
Safety controls:
src/, bin/, node_modules/, .env files cannot be modifiedCode Guard — Injection Detection
33 static analysis patterns scan code for injection attacks:
eval(req.body.code) blockedexecSync(req.query.cmd) blocked__proto__[key] = value blockedrequire(req.query.module) blockedfetch(req.query.url) blockedspawn("/bin/sh") blockedBlocked files are quarantined with forensic logs (code hash, stack trace, timestamp) for review.
Backup & Rollback
Every fix creates a backup first. Nothing is lost.
wolverine --backup "before risky change"
wolverine --rollback-latest
wolverine --undo-rollback
Backups stored in ~/.wolverine-safe-backups/ — outside the project directory, survives git pull and reinstalls.
Lifecycle: UNSTABLE → VERIFIED → STABLE (30min of no crashes).
Brain — Semantic Memory
Vector store that learns from every fix. Before calling AI, Wolverine searches past solutions.
Security Stack
| Layer | What It Does | |-------|-------------| | Code Guard | 33 injection patterns, quarantine, forensic logging | | Injection Detector | 50+ prompt injection patterns before AI sees error text | | Secret Redactor | Scrubs API keys from all AI calls, logs, and memory | | Sandbox | File access restricted to project directory only | | Rate Limiter | Prevents runaway AI costs | | Blocked Commands | 18 dangerous shell patterns rejected |
Configuration
Edit wolverine-claw/config/settings.json:
{
"gateway": { "port": 18789 },
"agent": { "model": "claude-sonnet-4-6", "maxTurns": 25 },
"healing": { "enabled": true, "maxHealsPerWindow": 5 },
"security": { "sandbox": true }
}
Secrets in .env.local only:
ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-proj-... # optional, for embeddings
Commands
wolverine-claw --setup # guided onboarding
wolverine --claw # start with healing
wolverine-claw --direct # start without healing (debug)
wolverine --backup "msg" # create snapshot
wolverine --rollback-latest # restore last snapshot
wolverine --update # safe framework upgrade (never touches your code)
Key Constraints
server/ and wolverine-claw/ directoriessrc/, bin/) is read-onlyCost
Most fixes: $0.00–$0.01. Complex multi-file: $0.05–$0.10. Idle: $0.00.
Links
💡 Examples
npx wolverine-ai@latest --setup-claw
One command. Detects your .openclaw/config.yml, merges settings, scaffolds wolverine-claw/. Zero code changes needed.
⚙️ Configuration
Edit wolverine-claw/config/settings.json:
{
"gateway": { "port": 18789 },
"agent": { "model": "claude-sonnet-4-6", "maxTurns": 25 },
"healing": { "enabled": true, "maxHealsPerWindow": 5 },
"security": { "sandbox": true }
}
Secrets in .env.local only:
ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-proj-... # optional, for embeddings