Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Backup & Restore

v1.0.3

Backup and restore OpenClaw configuration, agents, sessions, and workspace to/from a private Git repository. Use when the user wants to manually trigger a ba...

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description match the included scripts: they back up ${HOME}/.openclaw to a Git repo and can restore it. However, the registry metadata claims no required binaries or envs even though the scripts require git, rsync, npm, and the OpenClaw CLI (openclaw). It also implicitly requires a working SSH/git auth setup for the remote repo. The missing required-tool declarations are an inconsistency.
Instruction Scope
SKILL.md and the scripts stay within the stated purpose (sync .openclaw to/from a Git repo). The restore script runs 'find ... -execdir npm install' which will execute package install scripts in restored directories (a legitimate restore step but a notable execution risk if the backup contains malicious package.json files). The scripts read OpenClaw config and operate on ${HOME}/.openclaw and ${HOME}/openclaw-backup — they will move potentially sensitive runtime/config/identity files to the configured remote, which is expected but requires caution.
Install Mechanism
No install spec (instruction-only) — no external archives are downloaded by the skill itself. The scripts are included in the skill bundle and will be executed by the agent when invoked. This is a low-risk install mechanism in the sense of remote code fetching, but the included scripts will perform network operations (git push/pull, npm install).
Credentials
The skill requests no environment variables in metadata, yet it depends on a user-configured OPENCLAW_BACKUP_REPO value in OpenClaw config and needs access to the user's SSH/git credentials and HOME. The scripts will read/write the entire ${HOME}/.openclaw (including identity/credentials files referenced in SKILL.md), then push them to the configured remote — this is functionally necessary but high-impact, so the omission in metadata and lack of explicit credential requirements is concerning.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or modify other skills. It does, however, read and write the user's OpenClaw runtime data and will perform autonomous git operations when invoked; that autonomy is platform-default and not by itself a flag here.
What to consider before installing
Before installing or running this skill, make sure you:

  1. Verify OPENCLAW_BACKUP_REPO is set to a private, access-controlled repository (do not push secrets to a public repo).
  2. Confirm you have git, rsync, npm, and the OpenClaw CLI available on the machine; the skill metadata currently does not declare these requirements.
  3. Understand that restore runs 'npm install' in any folder with package.json — that can run arbitrary install scripts from code stored in the backup. Consider disabling automatic npm installs (or review package.json files) when restoring.
  4. Ensure your SSH/git credentials used for push/pull have appropriate scope and rotate credentials if you suspect exposure.
  5. Test the backup/restore flow on a non-production copy first to validate behavior and the rsync/git semantics (watch for nested directory issues).
  6. If you plan to proceed, update the skill metadata or documentation to list required binaries and clearly warn about the sensitivity of files under ~/.openclaw.

If you want, provide the agent with a read-only or restricted backup repo and review the contents before running npm install or pushing sensitive files.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97947ybwaqvynnhbjvff2hypn82zg61
433 downloads
1 star
4 versions
Updated 8h ago
v1.0.3
MIT-0

OpenClaw Backup & Restore

A specialized skill for managing the lifecycle of your OpenClaw data. This skill utilizes an external Git-managed backup directory to keep your production environment clean while ensuring full recoverability.

Strategy

  1. Isolation: Git operations happen in a dedicated directory outside the live .openclaw runtime to avoid pollution.
  2. Minimalism: Large node_modules, logs, and temporary files are excluded.
  3. Redundancy: Regular backups can be scheduled via Cron.

Setup

Before using this skill, you must set your private backup repository URL in openclaw.json. This URL is used by the scripts to push and pull data.

openclaw config set skills.entries.openclaw-backup-restore.env.OPENCLAW_BACKUP_REPO "git@github.com:your-username/your-repo.git"

How to Backup

To trigger a manual backup and sync to your remote repository:

  1. The agent should execute the backup.sh script located within this skill's scripts/ directory.
  2. The script will:
    • Read the repo URL from the OpenClaw config.
    • Sync ${HOME}/.openclaw/ to ${HOME}/openclaw-backup/ using rsync (respecting .gitignore).
    • Generate a readable commit summary from changed paths (for example workspace/config/runtime/memory).
    • Commit and push to the remote main branch.

Trigger Phrases: "Backup OpenClaw now", "Sync my data to GitHub".


How to Restore

To restore your environment on a new or existing machine:

  1. Ensure your SSH key is added to your Git provider (e.g., GitHub).
  2. The agent should execute the restore.sh script located within this skill's scripts/ directory.
  3. The process involves:
    • Reading the repo URL from the OpenClaw config.
    • Cloning or pulling the latest backup from the configured repository.
    • Syncing files back to ${HOME}/.openclaw/.
    • Reinstalling node dependencies and running openclaw doctor --yes to fix environment paths.
  4. Restart the Gateway: openclaw gateway restart.

Trigger Phrases: "Restore OpenClaw from backup", "Migrate my data".
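
The restore step reinstalls node dependencies from whatever the backup repository contains, and npm runs a package's install-time lifecycle scripts during that step. The following is an added example, not part of the skill's own scripts: it lists the package.json files under the backup directory that declare such hooks so they can be reviewed first. The function names and the sample tree are assumptions made for illustration, and the grep match is a heuristic.

```bash
#!/usr/bin/env bash
# Added example: audit a restored backup for npm lifecycle hooks before any
# `npm install` is run against it. Default path is the one the page documents.

# Hooks that a bare `npm install` inside a package directory will run.
HOOKS='preinstall|install|postinstall|prepare'

# Print every package.json under $1 (node_modules pruned) that contains one of
# the hook keys. Heuristic: the key is matched anywhere in the file, so this
# can over-report; it is meant to drive a manual review, not replace it.
audit_install_scripts() {
  local root="${1:-${HOME}/openclaw-backup}"
  find "$root" -name node_modules -prune -o -type f -name package.json -print 2>/dev/null |
    while IFS= read -r manifest; do
      if grep -Eq "\"(${HOOKS})\"[[:space:]]*:" "$manifest"; then
        printf '%s\n' "$manifest"
      fi
    done
}

# Succeeds only when no manifest in the tree declares a lifecycle hook.
restore_is_hook_free() {
  [ -z "$(audit_install_scripts "$1")" ]
}

# Constructed sample tree (not from the page): one clean manifest, one with a
# postinstall hook, and one under node_modules that must be ignored.
make_sample_backup() {
  local d
  d="$(mktemp -d)"
  mkdir -p "$d/workspace/clean/node_modules/dep" "$d/workspace/hooked"
  printf '{"name":"clean","scripts":{"test":"node t.js"}}\n' \
    > "$d/workspace/clean/package.json"
  printf '{"name":"hooked","scripts":{"postinstall":"node setup.js"}}\n' \
    > "$d/workspace/hooked/package.json"
  printf '{"name":"dep","scripts":{"install":"node-gyp rebuild"}}\n' \
    > "$d/workspace/clean/node_modules/dep/package.json"
  printf '%s\n' "$d"
}
```

Run `audit_install_scripts "${HOME}/openclaw-backup"` after the clone or pull and before dependencies are reinstalled. Where the flagged hooks are not needed, `npm install --ignore-scripts` installs without running lifecycle scripts.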


Technical Details

  • Backup Directory: ${HOME}/openclaw-backup
  • Source Directory: ${HOME}/.openclaw
  • Exclusions: Defined in the skill's .gitignore (includes node_modules/, logs/, completions/, tmp/, dist/).
  • Automatic Setup: The .gitignore file is included in this skill and will be copied to ${HOME}/openclaw-backup/ during the first backup run.

Recovery Checklist

If restoring to a completely new machine:

  1. Install OpenClaw CLI first.
  2. Set the OPENCLAW_BACKUP_REPO config value.
  3. Configure SSH access for your Git provider.
  4. Run the restore script provided by this skill.
  5. Run openclaw onboard if you need to re-install the daemon service.
