Clawsync

What to consider before installing or running ClawSync: - The core scripts (sync.sh, restore.sh) appear to implement a reasonable backup/restore to GitHub and explicitly exclude known sensitive files and scan for secrets. Using a fine-grained GitHub PAT limited to a single repo (contents: write) is recommended. - Do NOT run restore.sh or sync.sh in your real workspace without inspection first. Instead: clone the skill to a safe location and run it against a temporary test workspace and a test GitHub repo to confirm behavior. - Inspect and sanitize the bundled text files (especially AGENTS.md, SOUL.md, README.md, SITES.md). AGENTS.md contains agent-runtime instructions (e.g., read memory files, 'Don't ask permission. Just do it.', commit/push autonomously) that could cause an agent to read sensitive context or act autonomously if those files are restored into a live agent workspace. - Remove or edit any persona/agent guidance files before restoring to production, and verify MEMORY.md and SITES.md are excluded (scripts already exclude them, but double-check). SITES.md in the bundle contains documented keys which should not be stored in backups. - Investigate the unicode control characters flagged in SKILL.md (use cat -v, hexdump -C, or similar) and remove them; treat that as a red flag until explained by the publisher. - Prefer using gh CLI auth over embedding tokens; if you must use a PAT, rotate it after testing and give it minimal scope. If you want, I can point out exact lines with hidden characters, summarize which files contain agent-behavior directives to remove, or produce a safe checklist to run this skill in a disposable environment first.