ClawHub

Healthy Backup

v1.2.5

Health-gated backup for OpenClaw rigs. Audits first — only backs up if healthy. Three tiers, 5-backup retention, optional rclone sync. Sensitive config value...

0· 333·1 current·1 all-time
by@littlejakub
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match what the code does: audits, stages, encrypts, prunes, and optionally syncs backups. Required binaries (tar, gpg, jq, rsync) are exactly those the scripts use. No unexplained credentials, network calls, or unrelated dependencies are requested.
Instruction Scope
SKILL.md and the scripts explicitly enumerate every file and command used (openclaw.json, secrets manifest, backup.key, optional npm/ollama/crontab collectors, and rclone when configured). That transparency is good. Note: collecting Ollama model names is enabled by default (collectOllama=true) and will reveal installed model names; npm and crontab collection are opt-in.
Install Mechanism
Instruction-only skill with two shell scripts; no automated binary download or archive extraction performed by the skill itself. Recommended install steps are via package managers; the rclone binary-install instructions are documented and advise review before running.
Credentials
No required environment variables are declared. The script accepts BACKUP_PASSWORD as a fallback and reads ~/.openclaw/credentials/backup.key (recommended) — both are proportional to encrypting backups. It also reads openclaw.json and the secrets manifest (names only). These reads are documented and justified, but users should be comfortable granting the skill read access to those paths.
Persistence & Privilege
always is false; the skill is user-invocable and may be scheduled via an optional cron entry the setup wizard can install (explicit opt-in). It does not modify other skills or global agent settings.
Assessment
This skill appears coherent and well-documented for a local backup tool. Before installing: 1) run the provided --dry-run to see exactly what would be staged; 2) inspect the two scripts (healthy-backup.sh, setup.sh) yourself or review the listed file operations to confirm you are comfortable with reads of ~/.openclaw/openclaw.json, the secrets manifest (names only), and ~/.openclaw/credentials/backup.key; 3) if you don't want the tool to report installed ML models, set collectOllama to false in the config or decline that prompt during setup; 4) only enable rclone sync if you trust the configured remote; 5) note a metadata version mismatch: registry metadata shows 1.2.5 while included files claim 1.3.0 — minor but worth confirming you have the intended release. If any of these items are unacceptable, do not install or run the setup.

Like a lobster shell, security has layers — review code before you run it.

latestvk97drpwa6gtja0hcyqgec3rp7h82kyj6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🩺 Clawdis
Binstar, gpg, jq, rsync

Comments