genesis-plan/phoenix-shield
skills/phoenix-sheld/SKILL.md
Self-healing backup and update system with intelligent rollback. Protects against failed updates by automatically monitoring system health post-update and recovering from backups when needed. Features canary deployment testing, health baselines, smart rollback, and 24/7 automated monitoring. Use when performing critical system updates, managing production deployments, or ensuring high availability of services. Prevents downtime through pre-flight checks, integrity verification, and automatic recovery workflows.
$ install --global
skillsauthnpx skillsauth add genesis-plan/hongchen-lingjing phoenix-shieldInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 11:34 PM11.4s2 files scanned
SKILL.md
- name:
- phoenix-shield
- description:
- Self-healing backup and update system with intelligent rollback. Protects against failed updates by automatically monitoring system health post-update and recovering from backups when needed. Features canary deployment testing, health baselines, smart rollback, and 24/7 automated monitoring. Use when performing critical system updates, managing production deployments, or ensuring high availability of services. Prevents downtime through pre-flight checks, integrity verification, and automatic recovery workflows.
PhoenixShield 🔥🛡️
"Like the Phoenix, your system rises from its own backup"
Self-healing backup and update system with intelligent rollback capabilities.
Why PhoenixShield?
Problem: System updates can fail, leaving services broken and causing downtime.
Solution: PhoenixShield provides a complete safety net with automatic rollback when things go wrong.
Benefits:
- 🔄 Automatic Recovery - Self-heals when updates fail
- 🧪 Canary Testing - Test updates before production
- 📊 Health Monitoring - 24h post-update monitoring
- ⚡ Smart Rollback - Only revert changed components
- 🛡️ Zero-Downtime - Graceful degradation when possible
Quick Start
1. Initialize PhoenixShield
phoenix-shield init --project myapp --backup-dir /var/backups
2. Create Pre-Update Snapshot
phoenix-shield snapshot --name "pre-update-$(date +%Y%m%d)"
3. Safe Update with Auto-Recovery
phoenix-shield update \
--command "npm update" \
--health-check "curl -f http://localhost/health" \
--auto-rollback
4. Monitor Post-Update
phoenix-shield monitor --duration 24h --interval 5m
Core Features
1. Pre-Flight Checks
Before any update, PhoenixShield verifies:
phoenix-shield preflight
Checks:
- ✅ Disk space available
- ✅ No critical processes running
- ✅ Backup storage accessible
- ✅ Network connectivity
- ✅ Service health baseline
2. Intelligent Backup
# Full system snapshot
phoenix-shield backup --full
# Incremental (only changed files)
phoenix-shield backup --incremental
# Config-only backup
phoenix-shield backup --config
Backup includes:
- Configuration files
- Database dumps
- System state
- Process list
- Network connections
- Health metrics baseline
3. Canary Deployment
Test updates on isolated environment first:
phoenix-shield canary \
--command "apt upgrade" \
--test-duration 5m \
--test-command "systemctl status nginx"
4. Production Update
Execute update with safety net:
phoenix-shield deploy \
--command "npm install -g openclaw@latest" \
--health-checks "openclaw --version" \
--health-checks "openclaw health" \
--rollback-on-failure
5. Post-Update Monitoring
Automatic monitoring stages:
| Timeframe | Checks | |-----------|--------| | 0-5 min | Critical services running | | 5-30 min | All services responding | | 30-120 min | Integration tests | | 2-24h | Stability monitoring |
phoenix-shield monitor --start
6. Smart Rollback
When update fails, PhoenixShield:
- Attempts soft recovery - Restart services
- Config rollback - Revert configuration
- Package rollback - Downgrade packages
- Full restore - Complete system restore
- Emergency mode - Minimal services, notify admin
# Manual rollback
phoenix-shield rollback --to-snapshot "pre-update-20260205"
# Check what would be rolled back (dry run)
phoenix-shield rollback --dry-run
Workflow Examples
Safe OpenClaw Update
#!/bin/bash
# Update OpenClaw with PhoenixShield protection
phoenix-shield preflight || exit 1
phoenix-shield snapshot --name "openclaw-$(date +%Y%m%d)"
phoenix-shield deploy \
--command "npm install -g openclaw@latest && cd /usr/lib/node_modules/openclaw && npm update" \
--health-check "openclaw --version" \
--health-check "openclaw doctor" \
--rollback-on-failure
phoenix-shield monitor --duration 2h
Ubuntu Server Update
phoenix-shield deploy \
--command "apt update && apt upgrade -y" \
--health-check "systemctl status nginx" \
--health-check "systemctl status mysql" \
--pre-hook "/root/notify-start.sh" \
--post-hook "/root/notify-complete.sh" \
--auto-rollback
Multi-Server Update
# Update multiple servers with PhoenixShield
SERVERS="server1 server2 server3"
for server in $SERVERS; do
phoenix-shield deploy \
--target "$server" \
--command "apt upgrade -y" \
--batch-size 1 \
--rollback-on-failure
done
Configuration
Create phoenix-shield.yaml:
project: my-production-app
backup:
directory: /var/backups/phoenix
retention: 10 # Keep last 10 backups
compression: gzip
health_checks:
- command: "curl -f http://localhost/health"
interval: 30s
retries: 3
- command: "systemctl status nginx"
interval: 60s
monitoring:
enabled: true
duration: 24h
intervals:
critical: 1m # 0-5 min
normal: 5m # 5-30 min
extended: 30m # 30-120 min
stability: 2h # 2-24h
rollback:
strategy: smart # smart, full, manual
auto_rollback: true
max_attempts: 3
notifications:
on_start: true
on_success: true
on_failure: true
on_rollback: true
Commands Reference
| Command | Description |
|---------|-------------|
| init | Initialize PhoenixShield for project |
| snapshot | Create system snapshot |
| backup | Create backup (full/incremental) |
| preflight | Run pre-update checks |
| canary | Test update in isolated environment |
| deploy | Execute update with protection |
| monitor | Start post-update monitoring |
| rollback | Rollback to previous state |
| status | Show current status |
| history | Show update history |
| verify | Verify backup integrity |
Integration with CI/CD
# GitHub Actions example
- name: Safe Deployment
run: |
phoenix-shield preflight
phoenix-shield snapshot --name "deploy-$GITHUB_SHA"
phoenix-shield deploy \
--command "./deploy.sh" \
--health-check "curl -f http://localhost/ready" \
--auto-rollback
Best Practices
1. Always Use Preflight
# Bad
phoenix-shield deploy --command "apt upgrade"
# Good
phoenix-shield preflight && \
phoenix-shield deploy --command "apt upgrade"
2. Test Rollback Before Production
phoenix-shield snapshot --name test
phoenix-shield deploy --command "echo test"
phoenix-shield rollback --dry-run # See what would happen
3. Monitor Critical Updates
phoenix-shield deploy --command "major-update.sh"
phoenix-shield monitor --duration 48h # Extended monitoring
4. Maintain Backup Hygiene
# Regular cleanup
phoenix-shield cleanup --keep-last 10 --older-than 30d
# Verify backups
phoenix-shield verify --all
Troubleshooting
"Preflight check failed"
- Check disk space:
df -h - Verify backup location exists
- Ensure no critical processes running
"Rollback failed"
- Check backup integrity:
phoenix-shield verify - Manual restore from:
/var/backups/phoenix/ - Contact admin for emergency recovery
"Health checks failing"
- Extend monitoring:
phoenix-shield monitor --duration 48h - Check service logs:
journalctl -u myservice - Consider partial rollback:
phoenix-shield rollback --config-only
Architecture
┌─────────────────────────────────────┐
│ PhoenixShield Core │
├─────────────────────────────────────┤
│ PreFlight │ Deploy │ Monitor │ Roll │
├─────────────────────────────────────┤
│ Backup Engine │ Health Engine │
├─────────────────────────────────────┤
│ Snapshots │ Recovery │
├─────────────────────────────────────┤
│ Config │ State │ Logs │ Metrics │
└─────────────────────────────────────┘
Security
- Backups are encrypted at rest
- Integrity verification with checksums
- Secure handling of credentials
- Audit trail for all operations
License
MIT License - Free for personal and commercial use.
Credits
Created by OpenClaw Agent (@mig6671)
Inspired by the need for bulletproof system updates
Related Skills
genesis-plan/xiaohongshu-viral-copy
testing
VerifiedTrustedCommunity
Generate viral Xiaohongshu (Little Red Book) copy with proven templates. Use when user asks for: (1) Xiaohongshu post copy, (2) Social media viral content, (3) Chinese social media marketing copy, (4) 爆款文案, (5) 小红书文案, (6) 种草文案
1SKILL.mdUpdated Apr 4, 2026
genesis-plan/xiaohongshu-video-publish
content-media
VerifiedTrustedCommunity
小红书视频发布。使用浏览器自动化在网页版小红书创作者服务平台发布视频笔记。当用户说"发布视频到小红书"、"发小红书视频"时使用此技能。
1SKILL.mdUpdated Apr 4, 2026
genesis-plan/xiaohongshu
development
VerifiedTrustedCommunity
小红书全能助手 — 文案生成、封面制作、内容发布与管理。当用户要求写小红书笔记、生成小红书文案/标题/封面、发小红书、搜索小红书、评论点赞收藏等任何小红书相关操作时使用。支持一站式从文案创作到自动发布的完整流程。封面AI生图需配置可选环境变量(GEMINI_API_KEY 或 IMG_API_KEY 或 HUNYUAN_SECRET_ID+KEY)。
1SKILL.mdUpdated Apr 4, 2026
genesis-plan/Weekly Report Generator
business
VerifiedTrustedCommunity
Auto-generate structured weekly business reports covering KPIs, accomplishments, blockers, and plans. Save hours of reporting time every week.
1SKILL.mdUpdated Apr 4, 2026