Backup & Restore

The skill's actions, files, and requirements align with a legitimate backup/restore tool for OpenClaw; minor implementation/security notes exist but the package is coherent with its stated purpose.

This skill appears to be what it claims: a backup/restore tool for OpenClaw that saves ~/.openclaw/ locally and to cloud destinations. Before installing or running it, consider the following: 1) The skill stores and reads sensitive files under ~/.openclaw/credentials/backup/ (API keys, service account JSON, and a backup-passphrase). Only populate those files if you trust the environment. 2) The scripts pass the GPG passphrase directly on the gpg command line (--passphrase), which can expose the passphrase to other local users via process listings; prefer storing the passphrase in a protected file (mode 600) and/or using gpg-agent or --passphrase-file. 3) Full restores replace your entire ~/.openclaw/ directory — keep the safety copies the scripts create and verify backups before deleting old state. 4) There is a small metadata inconsistency: the registry summary says no required env vars, but SKILL.md and the scripts expect BACKUP_* env vars; confirm how you will supply configuration (env vs config.json vs credential files). If these notes are acceptable and you control the credential files and host, the skill is coherent for its stated purpose.