config.patch plaintext-on-disk risk: run a variable-placeholder regression check before and after patching

Scenario: after `gateway config.patch`, `${VAR}` placeholders may be resolved and written back to `openclaw.json` as plaintext. An operational workflow of "patch → scan → restore placeholders" needs to be established.

Source: GitHub · Discovered: 2026-02-14 · Author: crashandd
Prerequisites
  • Config file uses `${VAR}` style secrets and `gateway.env` stores the actual values.
  • Operator can run gateway config patch and inspect config file on disk.
Steps
  1. Prepare a baseline config containing env placeholders for sensitive keys.
  2. Run one minimal `config.patch` on an unrelated key to reproduce behavior safely.
  3. Immediately diff `openclaw.json` and check whether `${VAR}` placeholders were replaced by plaintext.
  4. If replacement occurs, restore placeholders and restart gateway before any backup/commit workflow.
Commands
openclaw gateway config.get
openclaw gateway config.patch --raw '{"channels":{}}'
grep -nE "apiKey|token" ~/.openclaw/openclaw.json
openclaw gateway restart
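Steps 3 and 4 as one script, added here as an example and not part of the original tip or the OpenClaw project: it compares the baseline config with the file read back after `config.patch`, reports only the key paths (never the values) where a `${VAR}` placeholder was replaced by a literal, and returns a copy with the placeholders restored. The file layout and the sample key names are constructed assumptions.

```python
import copy
import json
import re

# A ${VAR} placeholder as used for secrets in openclaw.json (assumed exact-match form).
PLACEHOLDER = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*\}$")


def _leaves(node, path=()):
    """Yield (path_tuple, value) for every scalar leaf in a nested JSON document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _leaves(value, path + (key,))
    elif isinstance(node, list):
        for idx, value in enumerate(node):
            yield from _leaves(value, path + (idx,))
    else:
        yield path, node


def resolved_placeholders(baseline, patched):
    """Return dotted paths whose baseline value was a ${VAR} placeholder but now holds a
    different literal. Values are never returned, so the report cannot leak a secret."""
    after = dict(_leaves(patched))
    hits = []
    for path, value in _leaves(baseline):
        if isinstance(value, str) and PLACEHOLDER.match(value) and after.get(path) != value:
            hits.append(".".join(str(part) for part in path))
    return hits


def restore_placeholders(baseline, patched):
    """Return a copy of `patched` with every resolved placeholder reset to the baseline
    ${VAR} form; keys the patch legitimately changed or removed are left alone."""
    fixed = copy.deepcopy(patched)
    present = {path for path, _ in _leaves(fixed)}
    for path, value in _leaves(baseline):
        if isinstance(value, str) and PLACEHOLDER.match(value) and path in present:
            node = fixed
            for part in path[:-1]:
                node = node[part]
            node[path[-1]] = value
    return fixed


# Constructed sample: baseline before the patch, and the file as read back afterwards.
BASELINE = json.loads('{"channels": {}, "llm": {"apiKey": "${OPENAI_API_KEY}", "model": "m"}}')
AFTER_PATCH = json.loads('{"channels": {}, "llm": {"apiKey": "sk-constructed-plaintext", "model": "m"}}')

if __name__ == "__main__":
    for hit in resolved_placeholders(BASELINE, AFTER_PATCH):
        print(f"placeholder resolved to plaintext at {hit}")  # path only, never the value
```

In practice load `BASELINE` from a copy taken before the patch and `AFTER_PATCH` from `~/.openclaw/openclaw.json`, then write `restore_placeholders(...)` back with `json.dump` before restarting the gateway.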
Verify

Sensitive fields remain `${VAR}` placeholders on disk after patch, with no plaintext secret persistence.

Caveats
  • Workaround scripts that rewrite secrets can themselves leak values in shell history/logs.
  • Issue currently reflects reported behavior; fix status should be tracked upstream (needs verification).
Source attribution

This tip is aggregated from community/public sources and preserved with attribution.