ClawHub

Smart Git Backup

v1.0.0

Automates the backup of the OpenClaw workspace to a remote Git repository. Handles large file exclusions, validates git configuration, and performs intelligent sync with conflict resolution.

2· 769·3 current·3 all-time
by@vemec
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (git backup/sync) match the delivered assets: an instruction SKILL.md and a bash script that validates repo config, scans for large files, stages, commits and pushes. Required binaries (bash, git) are appropriate and proportional.
Instruction Scope
Instructions and script stay within the stated purpose (operate on the repository, update .gitignore for large files, commit and push). However the script automatically 'git add .' and commits/pushes without interactive confirmation and will append paths to .gitignore and run 'git rm --cached' on large files — these behaviors are potentially surprising and can cause sensitive files to be uploaded or removed from history unintentionally. There is no dry-run or explicit user confirmation step.
Install Mechanism
No install spec; skill is instruction-only plus a shell script. No downloads or external installers are used, so there is no additional install-time risk.
Credentials
The skill declares no required environment variables and does not request unrelated credentials. It does rely on existing Git credentials/configuration (SSH keys or credential helper) to push to the remote — expected for a Git backup, but it means whatever credentials are available to the agent will be used to push repository contents to the configured 'origin'.
Persistence & Privilege
The skill does not request persistent/always-on privileges and does not modify other skills or global agent settings. It writes to the repository (.gitignore and git index), which is within the scope of its stated function.
Assessment
This script does what it says: it stages, commits, and pushes the entire repository to the configured origin, and will append large-file paths to .gitignore and run git rm --cached on them. Before installing or running it: 1) Review the repository for secrets or sensitive files — do not run on workspaces that contain credentials you do not want uploaded. 2) Run it first in a test repo to confirm behavior. 3) Consider setting REPO_ROOT to a constrained path to limit scope. 4) Add or edit .gitignore beforehand to prevent accidental commits of secrets. 5) If you want safer behavior, modify the script to include a dry-run mode or an interactive confirmation before 'git add .', and to avoid automatic pushes (require explicit user approval). 6) Ensure the remote 'origin' points to a repository you control/trust. If you have limited security knowledge, don't run this on important workspaces without reviewing or adapting the script.

Like a lobster shell, security has layers — review code before you run it.

latestvk978rbrk2hv24q4reg256dzh11813cpd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📦 Clawdis
Binsbash, git

Comments