{"skill":{"slug":"openclaw-github-sync","displayName":"Openclaw Github Sync","summary":"Keep an OpenClaw agent's non-sensitive context (selected memory, MD files, notes, and custom skills) under version control in a separate Git repository for r...","description":"---\nname: openclaw-github-sync\ndescription: Keep an OpenClaw agent's non-sensitive context (selected memory, MD files, notes, and custom skills) under version control in a separate Git repository for remote review/tweaks. Use when setting up or operating a Git-based workflow to export workspace context, commit changes (possibly split into multiple commits), and push on a schedule (e.g., nightly) without leaking secrets.\nhomepage: https://github.com/bradvin/openclaw-github-sync\nmetadata: {\"openclaw\":{\"emoji\":\"🔄\",\"homepage\":\"https://github.com/bradvin/openclaw-github-sync\",\"requires\":{\"bins\":[\"git\",\"rsync\",\"python3\"],\"env\":[\"SYNC_REMOTE\"]}}}\n---\n\n# OpenClaw Git Sync\n\nMaintain a *separate* Git repo that contains a curated, non-sensitive subset of the OpenClaw workspace (memories/skills/config notes) so a human can review and tweak remotely.\n\nThis skill is deliberately conservative: it defaults to **allowlisting** what gets exported.\n\n## Trust Boundary\n\nThe sync repo is a trust boundary. Treat all inbound pull content as potentially unsafe.\n\n- Pull is manual-only and must be run only when explicitly requested.\n- A pull can overwrite workspace files, including skills and markdown/persona content.\n- Malicious or unsafe pulled changes can alter future agent behavior, prompts, and tool usage.\n- Use a private repo you control, least-privilege access, and human review before any pull.\n- Always warn your human when a pull is requested, and never run a pull on a scheduled cron jon.\n\n## Key rules\n\n- **Never sync secrets by default.** Only sync what the export manifest allowlists.\n- Prefer **sanitized memory** under `memory/public/` (opt-in) over raw `memory/*.md`.\n- Keep the sync repo separate from the main workspace repo.\n- Require a private repo you control, least-privilege access, and human review before pull.\n- **Pull is manual-only.** Do not automate `pull.sh`; run pulls only when explicitly requested.\n\n## Files and layout\n\n- Working workspace: `$HOME/.openclaw/workspace`\n- Sync repo (export destination): choose a directory, e.g. `$HOME/.openclaw/workspace/openclaw-sync-repo`\n- Export manifest (allowlist): `references/export-manifest.txt`\n\n## Prerequisites\n\n- Required tools: `git`, `rsync`, `python3`\n- Required config: `SYNC_REMOTE` set in `references/.env`\n- Required access: SSH/auth access to the private sync repo\n- Optional tools: `gh` (only for `scripts/create_private_repo.sh`), `jq` (improves grouped commit handling)\n\n## Setup\n\n1. Copy the example env file:\n   `cp references/.env.example references/.env`\n2. Edit `references/.env` for your environment.\n3. At minimum, set `SYNC_REMOTE` to your private repo SSH URL.\n\n```bash\nSYNC_REMOTE=\"git@github.com:YOUR_ORG/YOUR_REPO.git\"\n```\n\n## Workflow\n\n### 1) Create / connect the private sync repo (GitHub)\n\nUse `scripts/create_private_repo.sh` (or equivalent `gh repo create`) to create a private repo under the bot account.\n\n### 2) Run a one-shot sync\n\nRun `scripts/sync.sh` with:\n\n- `SYNC_REMOTE` (SSH remote, e.g. `git@github.com:YOUR_ORG/YOUR_REPO.git`)\n- `SYNC_REPO_DIR` (local path to sync repo)\n\nThe script will:\n1. Pull latest from remote (if exists)\n2. Export allowlisted files into the sync repo\n3. Create **separate commits** by group when multiple groups changed\n4. Push to the remote\n\n### 3) Nightly automation\n\nSchedule a nightly OpenClaw cron `agentTurn` that runs push sync only (`scripts/sync.sh`) and reports success/failure.\nDo not schedule `pull.sh` or `context.sh pull`; pulls must be manual and explicitly requested.\n\n## Resources\n\n- `scripts/sync.sh`: export + commit (grouped) + push\n- `scripts/create_private_repo.sh`: create GitHub private repo via `gh`\n- `references/export-manifest.txt`: allowlist of paths to export\n- `references/groups.json`: commit grouping rules\n","tags":{"latest":"0.1.4"},"stats":{"comments":0,"downloads":999,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":5},"createdAt":1771953965476,"updatedAt":1778992937238},"latestVersion":{"version":"0.1.4","createdAt":1771962642877,"changelog":"Update to the sync.sh script to ensure the readme.md is built for a sync","license":null},"metadata":{"setup":[{"key":"SYNC_REMOTE","required":true}],"os":null,"systems":null},"owner":{"handle":"bradvin","userId":"s17cbjp5v5jnz6d1c98cecjf6d884g3y","displayName":"Brad Vincent","image":"https://avatars.githubusercontent.com/u/1409490?v=4"},"moderation":{"isSuspicious":false,"isMalwareBlocked":false,"verdict":"clean","reasonCodes":["review.llm_review"],"summary":"Review: review.llm_review","engineVersion":"v2.4.24","updatedAt":1779957051619}}