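OpenClaw Automatic Backup Tool_auto-backup-openclaw-user-data
v1.1.0 OpenClaw user data automatic backup skill. Supports full/selective backup, scheduled execution, ZIP compression, logging, message notifications and retention policy management. **Trigger scenarios**: (1) the user asks to back up OpenClaw data (2) the user asks to set up scheduled backups (3) the user asks about backup configuration, status or logs (4) the user runs /backup_now, /backup_...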
by @hjj345
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Skill name/description (auto backup of OpenClaw data) matches the code and docs: it scans ~/.openclaw, collects files, compresses them, records logs, notifies configured channels, and cleans old backups. Dependencies (archiver, fs-extra, dayjs) and Node.js runtime are appropriate for these tasks.
Instruction Scope
Runtime instructions and templates explicitly tell the agent to scan the OpenClaw workspace (~/.openclaw), run the skill's node CLI, and send notifications via configured channels. This is expected for a backup skill, but the templates encourage including notification tokens/IDs in cron/HEARTBEAT payloads, and the skill's default behavior does not force exclusion of sensitive files; the docs mention this as a warning.
Install Mechanism
No external download/install URL is used (no install spec). The project includes source files and a package.json/package-lock referencing npm registry packages — standard and traceable. Nothing in the manifest indicates silent remote code fetching beyond normal npm dependencies.
Credentials
The skill requests no explicit env vars, but it auto-detects and scans ~/.openclaw and reads OpenClaw configuration to discover notification channels. That can surface or include other agents' data and channel credentials (if stored in OpenClaw config). Backups by default may include sensitive files (keys, .env, credentials) unless the user enables exclusion or encryption — the docs warn about this, but the default is 'no enforcement'.
Persistence & Privilege
always is false and the skill exports runCommand for the platform to call; autonomous invocation is normal. It does not request system-wide privileges or modify other skills' configurations in the provided files.
Scan Findings in Context
[pre-scan-injection] expected: No pre-scan injection signals were detected. The code includes CLI and cron/heartbeat templates that run the skill's own node scripts and use curl for Telegram — these are expected for scheduling and notifications.
Assessment
This skill is coherent for backing up OpenClaw data, but it will scan your ~/.openclaw and by default will not exclude sensitive files. Before installing or enabling scheduled runs:
1) Inspect and set config.output.path to a secure location you control; enable output.encryption if you need backups encrypted.
2) Enable 'enableSensitiveExclude' or populate backup.exclude / excludePatterns to omit keys, .env, .ssh, credentials, tokens, etc.
3) Review notifier behavior (scripts/notifier.js) to confirm it only sends text summaries and does not upload backup files or credentials to external services.
4) Avoid embedding secrets directly into cron payloads or persistent job files (templates show placeholders for tokens; prefer storing tokens in OpenClaw's secure channel configuration).
5) Run a manual test backup of a non-sensitive subset to confirm behavior.
If you want, review scripts/config.js and scripts/notifier.js (and search for any network calls that might send archive files) — if you share those files I can point out specific lines to check.
Like a lobster shell, security has layers — review code before you run it.
latestvk977xrmzmhrd8shgtvzxsbdc6d84ygcr
