Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Github Sync

Keep an OpenClaw agent's non-sensitive context (selected memory, MD files, notes, and custom skills) under version control in a separate Git repository for r...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 326 · 0 current installs · 0 all-time installs
by Brad Vincent (@bradvin)
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description promise (export curated workspace files to a separate git repo) matches the included scripts and declared requirements. Required binaries (git, rsync, python3) and required env var (SYNC_REMOTE) are appropriate for pushing/pulling to a git remote. Optional tools (gh, jq) are used only for repo creation or better grouping and are documented as optional.
Instruction Scope
SKILL.md and the scripts focus on exporting allowlisted files, scanning for secrets, committing, pushing, and (manual) pulling. The README and SKILL.md explicitly document the trust boundary, require manual pulls, and warn about pull-induced behavior changes. The only I/O beyond the sync repo/workspace is optional reading of OpenClaw config (openclaw.json) to target per-agent workspace pulls; this is explained in the docs and is coherent with the pull functionality.
Install Mechanism
This is an instruction-only skill with included scripts (no external install spec or remote downloads). No external, untrusted URLs are fetched or executed during normal operation—scripts run locally and use standard system tools. That is a lower-risk install model.
Credentials
The only declared required env var is SYNC_REMOTE (the git remote to push/pull), which is proportionate. Other environment variables used are optional configuration (WORKSPACE_DIR, SYNC_REPO_DIR, PULL_* flags, etc.). The skill does not demand unrelated credentials or broad secrets; Git/SSH authentication is performed against the user-provided remote and is appropriate for the task.
Persistence & Privilege
The skill is not force-included (always:false). It can be run autonomously by the agent (default model invocation allowed), and a nightly push wrapper is provided; this is expected for automation. Important: pull operations can overwrite workspace files (including skills and persona markdown), so manual control is emphasized in the docs — that explicit warning is appropriate but the user should ensure pull is never run automatically without human review.
Assessment
This skill appears to do exactly what it says: export an allowlisted subset of your OpenClaw workspace and push it to a separate git repo, and optionally pull reviewed changes back. Before installing or using it:

  1. Use a private repo you control and set SYNC_REMOTE to its SSH URL.
  2. Never automate pulls; only push can be scheduled.
  3. Inspect and customize references/export-manifest.txt to ensure nothing sensitive is included.
  4. Run the sync first in a dry-run or test workspace, and back up your workspace before performing a first pull (pull can overwrite skills and markdown and thus change agent behavior).
  5. Ensure secret scanning is enabled (the included scan_secrets.py runs before commits) and avoid adding ignore rules unless you understand the risk.
  6. If you use gh or jq, make sure the corresponding CLI credentials are managed under least-privilege.

If you want additional assurance, provide the openclaw.json path and run a dry-run pull (PULL_DRY_RUN=1) to preview changes before applying them.


Current version: v0.1.4
latest: vk977xqfat4pcm5xy3v5b7b5afh81s8kc

Runtime requirements

🔄 Clawdis
Bins: git, rsync, python3
Env: SYNC_REMOTE

SKILL.md

OpenClaw Git Sync

Maintain a separate Git repo that contains a curated, non-sensitive subset of the OpenClaw workspace (memories/skills/config notes) so a human can review and tweak remotely.

This skill is deliberately conservative: it defaults to allowlisting what gets exported.

Trust Boundary

The sync repo is a trust boundary. Treat all inbound pull content as potentially unsafe.

  • Pull is manual-only and must be run only when explicitly requested.
  • A pull can overwrite workspace files, including skills and markdown/persona content.
  • Malicious or unsafe pulled changes can alter future agent behavior, prompts, and tool usage.
  • Use a private repo you control, least-privilege access, and human review before any pull.
  • Always warn your human when a pull is requested, and never run a pull from a scheduled cron job.
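
As an added example that is not part of the skill's own scripts, the following Python shows how a pull preview (the dry-run the trust boundary above calls for) can be implemented: it compares every file in the sync repo against the workspace without writing anything, and separately flags files whose overwrite would steer the agent. The rule that anything under skills/ or any Markdown file is behaviour-affecting, the sample trees, and the `preview_pull` and `requires_human_review` names are assumptions made for this example.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """SHA-256 of a file's bytes, used to detect content differences."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def behaviour_affecting(rel: str) -> bool:
    """Assumed rule: skills and Markdown/persona files steer the agent."""
    return rel.startswith("skills/") or rel.endswith(".md")


def preview_pull(sync_repo: Path, workspace: Path) -> dict:
    """Dry run: report what a pull would create or overwrite, writing nothing."""
    report = {"new": [], "modified": [], "unchanged": [], "behaviour_affecting": []}
    for src in sorted(sync_repo.rglob("*")):
        if not src.is_file():
            continue
        rel = src.relative_to(sync_repo).as_posix()
        if rel == ".git" or rel.startswith(".git/"):
            continue  # repository metadata is never copied into the workspace
        dst = workspace / rel
        if not dst.exists():
            report["new"].append(rel)
        elif file_digest(src) != file_digest(dst):
            report["modified"].append(rel)
        else:
            report["unchanged"].append(rel)
            continue  # identical content: nothing would change
        if behaviour_affecting(rel):
            report["behaviour_affecting"].append(rel)
    return report


def requires_human_review(report: dict) -> bool:
    """A pull that touches behaviour-steering files must be reviewed by a human first."""
    return bool(report["behaviour_affecting"])


def write_tree(base: Path, files: dict) -> None:
    """Helper for the constructed sample: materialise {relative path: content}."""
    for rel, content in files.items():
        path = base / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(content)


def demo() -> dict:
    """Constructed sample workspace and sync repo (not real skill data)."""
    with tempfile.TemporaryDirectory() as tmp:
        workspace = Path(tmp) / "workspace"
        sync_repo = Path(tmp) / "openclaw-sync-repo"
        write_tree(workspace, {
            "memory/public/notes.md": "sanitized notes\n",
            "skills/git-sync/SKILL.md": "# Git sync v1\n",
            "config.txt": "local only\n",
        })
        write_tree(sync_repo, {
            "memory/public/notes.md": "sanitized notes\n",           # unchanged
            "skills/git-sync/SKILL.md": "# Git sync v2 (edited)\n",  # modified skill
            "skills/new-skill/SKILL.md": "# Brand new skill\n",      # new skill
            "notes/todo.txt": "review me\n",                          # new, inert
        })
        return preview_pull(sync_repo, workspace)


if __name__ == "__main__":
    result = demo()
    for kind, paths in result.items():
        print(f"{kind}: {paths}")
    print("human review required:", requires_human_review(result))
```

The preview deliberately never copies anything: the only output is the report, so the operator sees that two skill files would be written (one changed, one new) before deciding whether to let pull.sh run.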

Key rules

  • Never sync secrets by default. Only sync what the export manifest allowlists.
  • Prefer sanitized memory under memory/public/ (opt-in) over raw memory/*.md.
  • Keep the sync repo separate from the main workspace repo.
  • Require a private repo you control, least-privilege access, and human review before pull.
  • Pull is manual-only. Do not automate pull.sh; run pulls only when explicitly requested.

Files and layout

  • Working workspace: $HOME/.openclaw/workspace
  • Sync repo (export destination): choose a directory, e.g. $HOME/.openclaw/workspace/openclaw-sync-repo
  • Export manifest (allowlist): references/export-manifest.txt
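
The allowlist export and the pre-commit secret scan described in the key rules and layout above, as an added example in Python that is not the skill's own sync.sh or scan_secrets.py. The manifest format (one glob per line, '#' comments), the small set of detection patterns, the `export` and `scan_secrets` function names, and the sample workspace contents (including the fake AKIA value) are all constructed for this example; a file outside the allowlist is never read, and a finding inside it stops the export before anything is copied.

```python
import re
import shutil
import tempfile
from pathlib import Path

# Assumed manifest format: one glob per line, relative to the workspace; '#' starts a comment.
SAMPLE_MANIFEST = """
# Allowlist: only these paths are ever exported
memory/public/*.md
skills/**/SKILL.md
notes/*.md
"""

# Assumed detection rules (a small subset of what a real scanner would carry).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "github_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "assigned_secret": re.compile(r"(?i)\b(api[_-]?key|secret|token|password)\b\s*[:=]\s*\S{8,}"),
}


def load_manifest(text: str) -> list:
    """Return the allowlist globs, ignoring blank lines and comments."""
    return [ln.strip() for ln in text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#")]


def select_files(workspace: Path, patterns: list) -> list:
    """Resolve the allowlist to workspace-relative file paths; nothing else is considered."""
    selected = set()
    for pattern in patterns:
        for path in workspace.glob(pattern):
            if path.is_file():
                selected.add(path.relative_to(workspace).as_posix())
    return sorted(selected)


def scan_secrets(workspace: Path, rel_paths: list) -> list:
    """Return (path, line_no, rule) for every line matching a secret pattern."""
    findings = []
    for rel in rel_paths:
        lines = (workspace / rel).read_text(errors="replace").splitlines()
        for line_no, line in enumerate(lines, 1):
            for rule, pattern in SECRET_PATTERNS.items():
                if pattern.search(line):
                    findings.append((rel, line_no, rule))
    return findings


def export(workspace: Path, sync_repo: Path, manifest_text: str) -> dict:
    """Copy allowlisted files into the sync repo, but only if the secret scan is clean."""
    selected = select_files(workspace, load_manifest(manifest_text))
    findings = scan_secrets(workspace, selected)
    if findings:
        return {"exported": [], "findings": findings}  # gate closed: nothing leaves the workspace
    for rel in selected:
        dst = sync_repo / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(workspace / rel, dst)
    return {"exported": selected, "findings": []}


def demo() -> dict:
    """Constructed workspace: a private memory file outside the allowlist, a leaky note inside it."""
    with tempfile.TemporaryDirectory() as tmp:
        workspace, sync_repo = Path(tmp) / "workspace", Path(tmp) / "openclaw-sync-repo"
        sync_repo.mkdir()
        files = {
            "memory/public/ok.md": "sanitized summary\n",
            "memory/private.md": "token = ghp_" + "x" * 36 + "\n",  # not allowlisted, never read
            "skills/git-sync/SKILL.md": "# Git sync\n",
            "notes/todo.md": "- review export manifest\n",
            "notes/leak.md": "# scratch\nAKIAEXAMPLE123456789\n",   # constructed, not a real key
        }
        for rel, content in files.items():
            (workspace / rel).parent.mkdir(parents=True, exist_ok=True)
            (workspace / rel).write_text(content)
        blocked = export(workspace, sync_repo, SAMPLE_MANIFEST)
        repo_after_block = sorted(p.relative_to(sync_repo).as_posix()
                                  for p in sync_repo.rglob("*") if p.is_file())
        (workspace / "notes/leak.md").unlink()  # operator removes the leak and reruns
        clean = export(workspace, sync_repo, SAMPLE_MANIFEST)
        return {"blocked": blocked, "repo_after_block": repo_after_block, "clean": clean}


if __name__ == "__main__":
    for stage, result in demo().items():
        print(stage, result)
```

The scan runs over the files the manifest selected, not over the whole workspace, which is why the allowlist is the first control and the scanner the second: memory/private.md contains a token-like string but is never opened, while the finding in notes/leak.md blocks the whole export rather than just that one file.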

Prerequisites

  • Required tools: git, rsync, python3
  • Required config: SYNC_REMOTE set in references/.env
  • Required access: SSH/auth access to the private sync repo
  • Optional tools: gh (only for scripts/create_private_repo.sh), jq (improves grouped commit handling)

Setup

  1. Copy the example env file: cp references/.env.example references/.env
  2. Edit references/.env for your environment.
  3. At minimum, set SYNC_REMOTE to your private repo SSH URL:
     SYNC_REMOTE="git@github.com:YOUR_ORG/YOUR_REPO.git"

Workflow

1) Create / connect the private sync repo (GitHub)

Use scripts/create_private_repo.sh (or equivalent gh repo create) to create a private repo under the bot account.

2) Run a one-shot sync

Run scripts/sync.sh with:

  • SYNC_REMOTE (SSH remote, e.g. git@github.com:YOUR_ORG/YOUR_REPO.git)
  • SYNC_REPO_DIR (local path to sync repo)

The script will:

  1. Pull latest from remote (if exists)
  2. Export allowlisted files into the sync repo
  3. Create separate commits by group when multiple groups changed
  4. Push to the remote
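
Step 3 of the script (separate commits per group only when several groups changed) is the part worth seeing spelled out, so here it is as an added Python example that is not the skill's own sync.sh. The shape of groups.json used here (an ordered mapping of group name to path prefixes plus a default group) is an assumption, since the page does not show the real file; `plan_commits` and `group_changes` are names chosen for this example, and the commit-message format is likewise made up.

```python
import json
from collections import OrderedDict

# Assumed groups.json shape (the real file's format is not shown on the page):
# ordered group -> path prefixes; paths matching no prefix fall into "default".
SAMPLE_GROUPS_JSON = json.dumps({
    "groups": {
        "memory": ["memory/public/"],
        "skills": ["skills/"],
        "notes": ["notes/"],
    },
    "default": "misc",
})


def load_groups(text: str):
    """Parse the assumed groups.json into ordered (name, prefixes) rules and a default name."""
    data = json.loads(text)
    return list(data["groups"].items()), data.get("default", "misc")


def group_changes(changed: list, rules: list, default: str) -> "OrderedDict[str, list]":
    """Assign each changed path to the first group whose prefix matches, keeping rule order."""
    batches = OrderedDict((name, []) for name, _ in rules)
    batches.setdefault(default, [])
    for rel in changed:
        for name, prefixes in rules:
            if any(rel.startswith(prefix) for prefix in prefixes):
                batches[name].append(rel)
                break
        else:
            batches[default].append(rel)
    return OrderedDict((name, paths) for name, paths in batches.items() if paths)


def plan_commits(changed: list, groups_json: str = SAMPLE_GROUPS_JSON) -> list:
    """One commit per group when several groups changed, a single commit otherwise."""
    rules, default = load_groups(groups_json)
    batches = group_changes(changed, rules, default)
    if not batches:
        return []
    if len(batches) == 1:
        return [("sync: update workspace export", list(changed))]
    return [(f"sync({name}): {len(paths)} file(s)", paths) for name, paths in batches.items()]


if __name__ == "__main__":
    # Constructed list of changed paths, as git status would report them after an export.
    sample = ["memory/public/a.md", "skills/x/SKILL.md", "memory/public/b.md", "README.md"]
    for message, paths in plan_commits(sample):
        print(message, paths)
```

Keeping each group in its own commit is what makes the human review on the remote side tractable: a reviewer can inspect and, if needed, revert a skills-only commit without touching the sanitized memory that landed in the same sync run.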

3) Nightly automation

Schedule a nightly OpenClaw cron agentTurn that runs push sync only (scripts/sync.sh) and reports success/failure. Do not schedule pull.sh or context.sh pull; pulls must be manual and explicitly requested.

Resources

  • scripts/sync.sh: export + commit (grouped) + push
  • scripts/create_private_repo.sh: create GitHub private repo via gh
  • references/export-manifest.txt: allowlist of paths to export
  • references/groups.json: commit grouping rules

Files

14 total
