ClawSync

Audited by ClawScan on May 10, 2026.

Overview

ClawSync mostly matches its stated sync-vault purpose, but it automatically persists sensitive agent memory to remote storage, and the supplied artifacts leave important encryption and billing safeguards unclear.

Install only if you intentionally want your OpenClaw identity, memory, project context, and package list synced across machines. Before enabling auto-sync or ClawSync Cloud, verify the encryption implementation, understand billing beyond the free tier, review what will be uploaded, and avoid opting into credential/config sync unless you truly need it.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Personal agent memory and project context may be copied to remote storage and reused across machines.

Why it was flagged

The skill defines persistent identity, memory, and project context that is automatically synced to the chosen storage provider once setup completes.

Skill content

ALWAYS SYNCED ... identity/USER.md ... knowledge/MEMORY.md ... knowledge/projects/ ... Auto-sync is ON by default after setup

Recommendation

Review the vault contents before enabling sync, avoid storing secrets in memory/project files, and choose a provider and retention settings you trust.

Note, High Confidence
ASI10: Rogue Agents

What this means

Vault changes may continue uploading after the original request unless the user stops or disables sync.

Why it was flagged

This describes persistent background activity that continues after setup, though it is aligned with the skill's sync purpose.

Skill content

Auto-sync is ON by default after setup — like iCloud. The user should not have to think about syncing. Changes are pushed within 30 seconds.

Recommendation

Confirm how to stop auto-sync, monitor provider activity, and disable background syncing when not needed.

What this means

Users may assume synced memory and project data are encrypted end-to-end, but the provided artifacts do not demonstrate that protection.

Why it was flagged

This is a strong privacy claim. The provided cloud API artifacts show Ed25519-style signature verification and storage of the uploaded archive bytes. Ed25519 is a signature scheme: it lets the server authenticate the uploading installation and detect tampering, but it does not make the archive unreadable to whoever holds the stored bytes. The supplied evidence does not show client-side encryption of the archive before it is stored remotely, so "private key never leaves the machine" says nothing about the confidentiality of the synced data.

Skill content

Encrypted: Ed25519 keypair per installation — private key never leaves the machine

Recommendation

Verify the actual encryption design before syncing sensitive data: a per-installation signing keypair is not encryption. Prefer explicit client-side encryption under a key the user holds, so the provider stores only ciphertext.

What this means

Automatic cloud sync could lead to paid usage as the vault grows beyond the free tier.

Why it was flagged

The managed cloud upload path can create a metered subscription and report usage when a pushed archive exceeds the free tier (the quoted check is 50 MiB); the artifacts do not show a per-push user approval step before paid billing is enabled.

Skill content

if (!vault.stripe_subscription_id && data.length > 50 * 1024 * 1024) { const subId = await billing.ensureSubscription(...); ... } ... await billing.reportUsage(...)

Recommendation

Require explicit user confirmation before enabling paid cloud billing, show quotas before upload, and provide clear cost alerts.

What this means

Storage or channel credentials could grant access to synced vault data if mishandled or over-scoped.

Why it was flagged

The skill may request storage-provider credentials and can optionally sync channel credentials; this is expected for the product but sensitive and not reflected in the registry credential metadata.

Skill content

Google Drive ... OAuth flow ... Dropbox ... OAuth flow ... FTP/SFTP ... credentials ... OPT-IN SYNC: ... credentials/

Recommendation

Use least-privilege storage accounts, avoid syncing credentials unless necessary, and confirm where credentials are stored and encrypted.

What this means

If approved, the skill can change the local software environment.

Why it was flagged

The skill can help install system packages during migration; the instructions say to show commands and ask first, making this purpose-aligned but still system-mutating.

Skill content

"install missing packages" → `track-packages.sh install` — shows commands, asks before running

Recommendation

Review package diffs and generated install commands before allowing them to run.