Openclaw Backup
v2.0.1自动备份 OpenClaw 本地存储配置文件。支持 Windows/Linux/Mac。 使用场景:(1) 定期备份配置 (2) 迁移配置 (3) 恢复配置 这是一个 OpenClaw 备份工具 skill,提供交互式配置向导。
⭐ 0· 337·1 current·1 all-time
byKiLiminal@hi-jiajun
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description promise a local backup tool for OpenClaw and the included scripts (setup.sh, backup.sh) implement that behavior for Linux/Mac. However, SKILL.md and README also reference Windows PowerShell scripts (setup.ps1, backup.ps1) which are not present in the bundle — mismatch between claimed cross-platform support and provided files. The SKILL.md instructs users to git-clone a GitHub repo (normal for install) which means the actual installed code could differ from the packaged files.
Instruction Scope
Runtime instructions tell the agent/user to clone the repo and run the provided setup/backup scripts. The scripts operate on files under the user's home (~/.openclaw), create backup directories under the user's home, and manage/rotate backups. They explicitly copy credentials/secret files (credentials/), which is expected for a backup tool but is sensitive and should be handled carefully. There are no instructions to read unrelated system paths or to transmit data externally.
Install Mechanism
There is no formal install spec in the skill package (instruction-only), and SKILL.md recommends cloning from a GitHub repo. Cloning from GitHub is common but means the installer will fetch third-party code. The packaged files themselves include the shell scripts, so no binary downloads or obscure URLs are present in the bundle — lower risk than arbitrary downloads, but the repo URL should be verified and code inspected before execution.
Credentials
The skill declares no required environment variables or credentials. The scripts use HOME/hostname and default OPENCLAW_HOME (~/.openclaw), which is appropriate. The scripts do access and copy credential files from the OpenClaw config (expected for backups) — this is proportionate to the stated purpose but elevates sensitivity; backups are stored unencrypted by default.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It creates a local config file (config.sh) inside the skill scripts directory and writes backups under user-owned paths — no system-wide privilege escalation or modification of other skills' configs is observed.
Assessment
This skill mostly does what it says: it copies OpenClaw configuration (including credentials) into local backup folders and manages retention. Before installing/running: (1) verify the GitHub repo URL in SKILL.md matches a trusted source and inspect the actual scripts you will run (the package here contains setup.sh and backup.sh, but the Windows .ps1 files referenced are missing); (2) be aware backups include sensitive credential files — store backups in a secure location and consider encrypting them before leaving your machine or uploading them; (3) prefer to run the included scripts from the packaged copy or review the remote repo contents before executing a git clone; (4) if you need Windows support, request or verify the missing PowerShell scripts rather than running unknown code; (5) consider restricting file permissions on backup directories and adding an encryption step to the workflow to protect secrets.Like a lobster shell, security has layers — review code before you run it.
latestvk97adjdwj0bfsnecq0txt4gspd82gxgv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.