ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

openclaw-reliable-backup

v1.0.0

提供 OpenClaw 自动化每日备份、变更前快照、邮件发送、备份管理及恢复指导,确保数据高可靠性和安全。

0· 126·0 current·0 all-time
byLlmin@liliwang76
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Skill name/description match the instructions: it explicitly backs up OpenClaw state (many ~/.openclaw paths) and provides restore/lifecycle flows. However the package metadata declares no required environment variables while the SKILL.md treats BACKUP_ROOT as mandatory — a metadata/instruction mismatch that can cause surprises.
!
Instruction Scope
SKILL.md instructs the agent to read and copy many sensitive paths (e.g. ~/.openclaw/credentials, identity, telegram, agents), create archives, and optionally send them by email. It also directs the agent to install and configure third-party 'mail' skills via commands like `clawhub install` and `openclaw skill config`, and to prompt users for email passwords. Those actions are coherent for a full backup feature but materially expand the attack surface (sensitive secrets bundled into backups; credential entry prompts; installing arbitrary skills).
Install Mechanism
There is no install script or remote download in this skill (instruction-only), which reduces supply-chain risk. The SKILL.md does instruct calling external commands (clawhub/openclaw) to install other skills, but actual code downloads would be performed by those commands, not by this skill itself.
!
Credentials
Declared requirements list no env vars, but the instructions require BACKUP_ROOT and reference BACKUP_RETENTION_DAYS and EMAIL_RETENTION_DAYS. More importantly, the backup explicitly includes credentials and identity files — appropriate for a full state backup but high sensitivity; backing up and emailing these files without strong encryption or explicit guidance to encrypt is risky.
Persistence & Privilege
Skill is not always:true and is user-invocable; it does not request permanent elevated platform privileges. It does instruct stopping/starting the OpenClaw gateway and installing other skills, which are normal for backup/maintenance but require user consent.
Scan Findings in Context
[no_findings] expected: Regex-based scanner returned nothing; the package is instruction-only (no code files) so the scanner had little to analyze. Evaluate SKILL.md directly.
What to consider before installing
This skill appears to implement a full backup/restore workflow and will read and archive highly sensitive OpenClaw files (credentials, identity, agents). Before installing or running it: (1) ensure BACKUP_ROOT is explicitly set and has restrictive permissions (chmod 700), (2) prefer encrypting backups (use a passphrase) before storing or emailing them — do not email raw credential-containing archives, (3) review any mail-skill you install manually (clawhub-installed skills could request your email password), (4) test the backup/restore flow in a safe environment first, and (5) ask the skill author to fix metadata inconsistencies (declare BACKUP_ROOT as a required env var) and to add explicit, automated encryption guidance so sensitive data is not accidentally exfiltrated. If you are uncomfortable with backups that include credential files, request a version that omits or redacts those paths or that enforces client-side encryption.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e1z7ms3bq6jan6nmwqm6b6x8308rw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

name: openclaw-reliable-backup description: | 执行 OpenClaw 的自动化、高可靠性备份与安全管理。功能包括:每日定时完整备份、文件修改前自动创建快照、通过邮件发送备份、管理备份生命周期、提供紧急恢复指南。当用户提到"备份"、"回滚"、"快照"、"恢复系统"、"修改配置前备份"、"清理旧备份"、"查看备份状态"、"设置备份"时触发。 metadata: openclaw: emoji: "💾" requires: tools: ["file_operations", "command_execution"]

OpenClaw 高可靠备份与安全管理技能

核心指令

建立一套高可靠的自动化备份与恢复流程,确保在任何操作下 OpenClaw 的核心状态均可追溯与回滚。

首次使用设置流程

当用户首次提及"备份"、"设置备份"或相关指令时,执行以下设置流程:

  1. 检查备份根目录配置

    • 检查环境变量 BACKUP_ROOT 是否已设置
    • 如未设置,询问用户:"请设置备份文件的存储根目录(例如:~/openclaw_backups):"
    • 接收用户输入的路径,验证有效性,并创建必要的目录结构

  2. 检查邮件管理能力

    • 尝试调用 OpenClaw 的邮件发送功能
    • 如调用失败,进入邮件技能引导流程

  3. 邮件技能引导流程: a. 向用户说明:"备份技能需要邮件通知功能来发送备份文件。当前未检测到可用的邮件管理能力。" b. 询问用户:"是否现在安装并配置邮件管理技能?(回复'是'以继续,或'否'跳过邮件功能)"

    c. 如果用户回复"是":

    • 搜索可用的邮件相关技能:"正在搜索可用的邮件管理技能..."
    • 显示搜索结果列表
    • 引导用户:"请输入要安装的技能ID(例如:imap-smtp-email),或回复'取消'跳过:"

    d. 如果用户提供技能ID: - 执行安装:clawhub install [技能ID] - 安装成功后,引导配置:"✅ 邮件技能安装成功!请按照以下步骤配置:" - 提供配置指南:

        1. 运行配置命令:openclaw skill config [技能ID]
    2. 输入您的邮箱服务器信息:
       ▪ SMTP 服务器地址

       ▪ 端口(通常 587 或 465)

       ▪ 邮箱账号

       ▪ 密码或应用专用密码

    3. 测试发送:openclaw email test

  
  e. 等待用户配置完成后,继续引导本技能配置

    d. 如果用户回复"否"或"跳过":

    • 说明:"邮件通知功能已跳过。备份文件将仅保存在本地目录。"
    • 继续完成本技能的其他配置

  4. 完成本技能配置

    • 设置定时任务:"是否设置每日自动备份?(默认:每天 8:00)"

    • 配置备份保留策略:

      本地备份保留天数(默认:3天): 邮箱备份保留天数(默认:7天,需邮件功能):

    • 生成配置文件并确认完成

核心功能

1. 执行每日完整备份

触发时机:每日上午 8:00 自动执行,或用户手动触发"执行每日备份"、"创建完整快照"。

执行流程

  1. 前置检查

    • 检查网络连接
    • 检查邮件发送能力(如已配置)
    • 检查磁盘空间
    • 验证 BACKUP_ROOT 目录可访问

  2. 备份执行: a. 创建临时副本目录:$BACKUP_ROOT/tmp/backup_$(date +%Y%m%d_%H%M%S) b. 复制所有核心文件到临时目录:

    • ~/.openclaw/openclaw.json
    • ~/.openclaw/credentials/
    • ~/.openclaw/agents/
    • ~/.openclaw/identity/
    • ~/.openclaw/soul/
    • ~/.openclaw/workspace/
    • ~/.openclaw/telegram/
    • ~/.openclaw/cron/
    • ~/.openclaw/tools/
    • ~/.openclaw/system/

    c. 创建压缩包:openclaw_full_backup_$(date +%Y%m%d_%H%M%S).zip d. 生成校验文件:sha256sum 压缩包 > 压缩包.sha256

  3. 邮件通知(如配置了邮件功能): a. 尝试发送邮件附件 b. 邮件主题:[OpenClaw 备份] $(date +%Y-%m-%d) 完整备份 c. 邮件正文包含备份摘要和恢复指南

  4. 本地日志记录

    • 记录到:$BACKUP_ROOT/logs/backup.log
    • 格式:[时间] [结果] 操作详情
    • 示例:
      • [20250217_080005] [SUCCESS] 每日备份完成,文件:openclaw_full_backup_20250217_080005.zip,大小:150MB
      • [20250217_080010] [FAILED] 邮件发送失败:网络连接错误

2. 变更触发式精准备份

触发条件:检测到用户要修改 OpenClaw 核心文件时自动触发。

执行流程

  1. 询问确认:"检测到您要修改核心文件,将在执行前自动创建备份。确认继续吗?"
  2. 获取变更信息:"请简要描述要修改的文件和目的:"
  3. 执行双重备份: a. 完整备份:执行上述每日备份流程 b. 专项备份:复制要修改的文件为 [文件名]_before_change_$(date +%H%M%S).bak
  4. 邮件通知
    • 主题:【变更触发】备份 - $(date +%Y-%m-%d_%H:%M)
    • 正文包含变更摘要、专项恢复指引、紧急恢复指南

3. 备份生命周期管理

本地清理(3天策略):

触发:用户说"清理本地备份" 流程:

  1. 检查超过3天的备份文件
  2. 显示待删除文件列表
  3. 询问:"确认删除以上文件?(回复'确认'删除)"
  4. 收到确认后执行删除
  5. 记录日志

邮箱清理(7天策略,需邮件功能):

触发:用户说"清理邮箱备份" 流程:

  1. 搜索超过7天的备份邮件
  2. 显示邮件列表
  3. 询问:"确认移动以上邮件到回收站?"
  4. 收到确认后执行
  5. 记录日志

4. 查询与恢复

查询状态

  • 触发:"备份状态"、"查看备份日志"
  • 显示最近日志和备份文件列表

恢复指南(自动附加到每封邮件):

⚠️ 紧急恢复手册

  1. 查看日志:cat $BACKUP_ROOT/logs/backup.log | tail -5
  2. 关闭程序:openclaw gateway stop
  3. 下载验证:sha256sum -c 备份文件.sha256
  4. 解压恢复:unzip 备份文件.zip -d ~
  5. 重新启动:openclaw gateway start

输出格式标准

成功响应格式

✅ 备份操作完成 • 操作:[操作类型]

• 文件:[文件名]

• 大小:[文件大小]

• 时间:[完成时间]

• 状态:已记录到日志

[如发送邮件] - 已发送至您的邮箱

失败响应格式

❌ 备份操作失败 • 错误:[具体错误]

• 原因:[可能原因]

• 建议:[修复建议]

• 状态:已记录到日志

引导交互格式

🔧 配置引导:[当前步骤] [说明文字] 请回复:[选项1] 或 [选项2] 或 [其他指令]

配置与状态管理

环境变量

  • BACKUP_ROOT:备份根目录(必须)
  • BACKUP_RETENTION_DAYS:本地保留天数(默认:3)
  • EMAIL_RETENTION_DAYS:邮箱保留天数(默认:7,需邮件功能)

配置文件位置

  • 主配置:$BACKUP_ROOT/.backup_config
  • 日志文件:$BACKUP_ROOT/logs/backup.log
  • 快照目录:$BACKUP_ROOT/snapshots/

错误处理与恢复

常见错误处理

  1. 目录不存在:自动创建并继续
  2. 权限不足:提示用户检查权限
  3. 磁盘空间不足:建议清理旧备份
  4. 邮件发送失败:仅保存本地,记录错误
  5. 网络连接失败:重试一次后记录错误

技能自身恢复

如本技能配置损坏:

  1. 删除 $BACKUP_ROOT/.backup_config
  2. 重新触发设置流程
  3. 从最近的备份中恢复配置

安全与隐私

安全措施

  1. 敏感信息保护

    • 备份包含 credentials/ 目录,请妥善保管备份文件
    • 建议对备份存储位置设置适当权限

  2. 操作确认

    • 所有删除操作需用户确认
    • 所有关键操作记录详细日志

  3. 完整性验证

    • 每个备份文件附带校验文件
    • 恢复前必须验证完整性

隐私声明

  1. 本技能不收集用户数据
  2. 所有备份文件存储在用户指定的本地目录
  3. 邮件发送需用户明确配置邮件服务器
  4. 无远程数据传输(除非用户配置了邮件发送)

更新与维护

技能更新

当本技能更新时:

  1. 备份当前配置
  2. 应用更新
  3. 验证配置兼容性
  4. 如不兼容,提供迁移指南

用户数据迁移

如需要迁移备份数据:

  1. 导出当前配置
  2. 复制备份文件到新位置
  3. 更新 BACKUP_ROOT 设置
  4. 验证可访问性

重要提示:首次使用后,建议执行一次测试备份并验证恢复流程,确保备份系统按预期工作。

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…