ClawHub

webdav-backup

v1.2.2

WebDAV 备份工具 - 将 OpenClaw 工作目录备份到 WebDAV 服务器或本地目录(默认 `~/openclaw/output`)。当用户需要备份数据、同步文件到云端、做本地归档、或配置自动备份计划时使用此技能。

1· 455·3 current·3 all-time
byCodePlayer@caozeal
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md and included scripts all describe a WebDAV/local backup tool. The required env vars (WEBDAV_URL, WEBDAV_USERNAME, WEBDAV_PASSWORD) match the declared purpose of uploading to WebDAV. The script explicitly packages ~/.openclaw workspace and config files, which is consistent with a backup tool.
Instruction Scope
Runtime instructions and the script read and package ~/.openclaw/workspace, ~/.openclaw/openclaw.json, cron, and other local paths — this is expected for a backup tool. Note: those files can contain other services' credentials or sensitive data; the skill recommends encryption but by default will include config files unless the user restricts sources. The SKILL.md also suggests cron usage and shows commands that run the included Python script in-place.
Install Mechanism
No install spec is present (instruction-only packaging with an included scripts/backup.py). Nothing is downloaded or written by an automated installer; risk from install mechanism is low. The included script will run locally when invoked.
Credentials
Declared required env vars are limited to the WebDAV credentials, which is proportional to the stated function. The script also reads optional env vars (OPENCLAW_WORKSPACE, OPENCLAW_LOCAL_BACKUP_DIR) and loads ~/.openclaw/openclaw.json for configuration — these optional env vars are not listed in requires.env but are reasonable for configuration. Users should note that backing up openclaw.json can capture other secrets stored there.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent platform-wide privileges or modification of other skills. It writes backup files to user-specified local directories and may upload to the WebDAV endpoint; this is consistent with its purpose.
Assessment
This skill appears coherent, but before installing or running it: (1) review scripts/backup.py yourself (it will read and archive your ~/.openclaw files, which may contain credentials or private data); (2) prefer using an 'application' or limited WebDAV account and HTTPS endpoints; (3) store WEBDAV credentials securely (avoid long-term plain-text in shell rc files) or configure them in ~/.openclaw/openclaw.json with tight file permissions; (4) consider enabling encryption (gpg) for backup archives before uploading; (5) if you only need to back up a subset of data, use --source to limit scope; and (6) verify the WebDAV destination is trusted to avoid placing sensitive backups on an external host.

Like a lobster shell, security has layers — review code before you run it.

latestvk979dk41wx78rrqgtg8bwy5fsh82nven

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvWEBDAV_URL, WEBDAV_USERNAME, WEBDAV_PASSWORD

Comments