safe-update-merge_skill

This skill safely merges upstream OpenClaw updates while preserving plugin injections, UI tabs, and workspace features using AI-guided conflict resolution.
  • Python

2.5k

GitHub Stars

4

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill openclaw/skills --skill safe-update-merge

  • _meta.json475 B
  • MERGE_MANIFEST.json12.0 KB
  • SKILL.md30.5 KB
  • update-modal.ts9.1 KB

Overview

This skill safely merges upstream OpenClaw updates into a fork while preserving plugin/skill injections, custom UI tabs, workspace features, and other local customizations. It orchestrates a pre-flight analysis, agent-guided conflict resolution using the configured model, build-time validation, backups with redacted secrets, and a clear report of results. The merge always runs on a dated branch and never modifies main directly.

How this skill works

First, a pre-flight step fetches upstream, computes divergence, lists conflicts, and produces a JSON report. The configured agent model resolves each conflict using a per-file merge manifest and an interactive prompt template; secrets are redacted before any content is sent to the model and restored from an in-memory map after resolution. After resolution the skill runs install/build/validation checks and scans protected files for must-preserve patterns, then commits results to a safe-merge-YYYY-MM-DD branch and reports back to the user.

When to use it

  • Your fork is behind upstream and you need to incorporate changes without losing local customizations.
  • Upstream has refactors that could accidentally remove injected plugins, UI tabs, or workspace controllers.
  • You want automated conflict assistance but still require human/agent judgment on sensitive merges.
  • You need a merge workflow that backs up redacted copies and validates builds before finalizing.

Best practices

  • Run the pre-flight report and review upstream package.json diffs before allowing pnpm install.
  • Execute the full merge in an isolated environment (container, VM, or disposable clone) for maximum safety.
  • Provide or select the desired merge model via SAFE_MERGE_MODEL or the UI dropdown to control AI behavior.
  • Keep the fd 3 redaction map protocol intact so secret redaction/restoration never writes secrets to disk or stderr.
  • After the merge, run pnpm ui:build and restart the gateway service, then verify UI tabs and protected patterns.

Example use cases

  • Integrating a major upstream update that adds schema strictness while preserving fork-specific schema extensions.
  • Merging upstream control UI changes without losing custom tabs or CSP connect-src extensions required by local features.
  • Responding to a security or bugfix release from upstream while ensuring local controllers and plugins remain intact.
  • Running periodic maintenance merges where many files auto-merge but protected files still require verification.

FAQ

It uses the agent's configured model by default; you can override it via the SAFE_MERGE_MODEL environment variable or the UI dropdown.

Are secrets ever sent to the model or written to disk?

No. Secrets are redacted before being sent; a redaction map is held in-memory on fd 3 and backups contain only redacted content.

Does the merge run npm installs or network operations?

git fetch upstream and pnpm install (with --ignore-scripts) run during validation and require network access; the skill package itself performs no external installs.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational