ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

VPS Backup

v1.0.0

Automated daily VPS backup using restic — backs up OpenClaw workspace, SSH keys, project code, and session transcripts. Configures encrypted incremental snap...

0· 77·0 current·0 all-time
byCarina MacInnes@codaire

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for codaire/vps-backup.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "VPS Backup" (codaire/vps-backup) from ClawHub.
Skill page: https://clawhub.ai/codaire/vps-backup
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install vps-backup

ClawHub CLI

Package manager switcher

npx clawhub@latest install vps-backup
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (VPS backup using restic) matches the included script and docs: it backs up OpenClaw state, project code, SSH keys, and session transcripts. However, the registry metadata declares no required environment variables even though the SKILL.md and script rely on BACKUP_PASSWORD/RESTIC_PASSWORD and optionally RCLONE_DEST; that's an incoherence between declared requirements and actual behavior.
!
Instruction Scope
Instructions and the script will read and archive highly sensitive data (e.g., ~/.ssh and exported session transcripts) and instruct the user how to push backups offsite via rclone. The docs recommend fetching and running an external export_sessions.py from a GitHub URL — that external script could modify what gets archived or exfiltrate data. The script itself also captures hostname and node version; those are minor but potentially identifying. Overall the scope stays within 'backup' but includes sensitive data and a third-party downloader, which increases risk.
Install Mechanism
This is an instruction-only skill (no install spec). The SKILL.md suggests downloading restic and rclone from their official release pages (GitHub/releases and downloads.rclone.org), which is common practice. No opaque or shortened URLs are used for the primary tools. The only third-party fetch of concern is the session archiver raw GitHub URL referenced in docs/config.md.
!
Credentials
The skill relies on sensitive environment values (BACKUP_PASSWORD / RESTIC_PASSWORD and optionally RCLONE_DEST) but the registry metadata lists no required env vars; this mismatch is misleading. The backup targets include ~/.ssh and session transcripts — backing these up locally is reasonable for a full backup, but pushing them offsite (via rclone) can expose private keys and chat history if the remote is not fully controlled/trusted. The skill does not declare these env requirements in metadata, which reduces transparency.
Persistence & Privilege
No unusual persistence or elevated privileges are requested (always:false). The script runs as the user, writes into the user's backup directory, and suggests cron scheduling under the user's crontab. Autonomous invocation (disable-model-invocation:false) is normal platform behavior and not by itself concerning here.
What to consider before installing
Before installing or running this skill: (1) Understand sensitivity — it will back up ~/.ssh and exported session transcripts; decide whether you want those included or excluded. (2) Verify and audit export_sessions.py before using it (the docs point to a raw GitHub URL) — don't run an unreviewed downloader that could exfiltrate or modify data. (3) If using offsite push, ensure RCLONE_DEST points to a trusted destination and that access credentials for that remote are handled securely; avoid sending private keys/chat logs to third-party storage. (4) The skill uses BACKUP_PASSWORD/RESTIC_PASSWORD but the registry metadata does not declare these env vars — make sure you securely generate and store the password (as recommended) and confirm where RESTIC_PASSWORD is set. (5) Consider removing ~/.ssh from BACKUP_PATHS or encrypting the repo and limiting remote retention if you don't want private keys backed up. (6) Prefer inspecting the script locally and testing on a non-production VM first. If you want, I can: (a) list exact lines in scripts that touch sensitive files, (b) show what export_sessions.py would be expected to do given its repo, or (c) suggest a safer backup config that excludes secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk9703pa7tjr27ar1mcqds377v9841shf
77downloads
0stars
1versions
Updated 3w ago
v1.0.0
MIT-0
Carina MacInnes@codaire
latest
Download

VPS Backup Skill

Automated daily backup for OpenClaw VPS deployments using restic — encrypted, incremental, deduplicating snapshots with retention management and optional offsite push.

What Gets Backed Up

PathContentsWhy
~/.openclawWorkspace, memory, sessions, configsCore agent state
~/.config/opencodeAgents, skills, OpenCode modelsAgentic coding setup
~/.sshSSH keysAccess to all services
~/.npm-globalGlobal npm packagesTools installed
~/workspace/projectsAll project source codeYour work
Session transcriptsExported via export_sessions.pyHuman-readable chat history

Excluded (reconstructable): node_modules/, __pycache__/, *.pyc, *.log, tmp/, *.sqlite, .cache/

Setup

1. Install restic

# Linux (others: https://restic.net/install/)
curl -LO https://github.com/restic/restic/releases/latest/download/restic_linux_amd64.tar.gz
tar xzf restic_linux_amd64.tar.gz
sudo mv restic /usr/local/bin/
restic version

2. Install rclone (for offsite push — optional)

curl -LO https://downloads.rclone.org/rclone-current-linux-amd64.zip
unzip rclone-current-linux-amd64.zip
sudo cp rclone-linux-amd64/rclone /usr/local/bin/
rclone version

3. Configure the script

Edit the top config section of scripts/vps-backup.sh:

BACKUP_ROOT="/home/dev/backup/vps-daily"    # local backup root
BACKUP_PATHS=(                                    # what to back up
    "/home/dev/.openclaw"
    "/home/dev/.config/opencode"
    "/home/dev/.ssh"
    "/home/dev/.npm-global/lib/node_modules"
    "/workspace/projects"
)
SESSION_EXPORT="/home/dev/.openclaw/workspace/scripts/export_sessions.py"

4. Set encryption password

# Generate a strong password
openssl rand -base64 32 > ~/.backup-password
chmod 600 ~/.backup-password

5. (Optional) Configure rclone for offsite push

rclone config
# Follow prompts to add your cloud storage (Backblaze B2, Google Drive, etc.)

6. Schedule daily run

# Add to crontab (runs at 3am UTC daily)
0 3 * * * export BACKUP_PASSWORD=$(cat ~/.backup-password) && export PATH="$HOME/bin:$PATH" && bash /path/to/vps-backup.sh >> /var/log/vps-backup.log 2>&1

Or schedule via OpenClaw cron:

every: 24h | sessionTarget: isolated | model: glm-5
message: "Run: export BACKUP_PASSWORD=$(cat ~/.backup-password) && export PATH=\"$HOME/bin:$PATH\" && bash /home/dev/scripts/vps-backup.sh"

Daily Usage

# Run backup manually
export BACKUP_PASSWORD=$(cat ~/.backup-password)
export PATH="$HOME/bin:$PATH"
bash /home/dev/scripts/vps-backup.sh

# Check snapshot count
export RESTIC_PASSWORD=$(cat ~/.backup-password)
export PATH="$HOME/bin:$PATH"
restic snapshots --repo /home/dev/backup/vps-daily/restic-repo

# Verify backup integrity
restic check --repo /home/dev/backup/vps-daily/restic-repo

# List repo size
du -sh /home/dev/backup/vps-daily/

Restore

# Restore latest snapshot of a specific path
export RESTIC_PASSWORD=$(cat ~/.backup-password)
export PATH="$HOME/bin:$PATH"
restic restore latest \
  --repo /home/dev/backup/vps-daily/restic-repo \
  --target /tmp/restore \
  --path /home/dev/.openclaw

# List snapshots for a specific date
restic snapshots --repo /home/dev/backup/vps-daily/restic-repo \
  --tag date-2026-03-31

# Restore a specific snapshot by ID
restic restore abc123 \
  --repo /home/dev/backup/vps-daily/restic-repo \
  --target /tmp/restore

Offsite Push

Set the RCLONE_DEST environment variable before running:

# Backblaze B2 example:
export RCLONE_DEST="b2:my-bucket/vps-backups"
export BACKUP_PASSWORD=$(cat ~/.backup-password)
export PATH="$HOME/bin:$PATH"
bash /home/dev/scripts/vps-backup.sh
# Output includes: "Offsite push done ✓"

# Google Drive:
export RCLONE_DEST="gcache:openclaw-backups"

The script automatically detects rclone and RCLONE_DEST and syncs after each backup.

Retention Policy

LevelKeep
Daily7
Weekly4
Monthly6

Old snapshots are pruned automatically after each run.

Health Check

The script checks for at least one snapshot in the last 26 hours. If missing, it logs a HEALTH FAILED error.

Add a monitoring check to your alerting:

# Alert if no recent backup
RECENT=$(RESTIC_PASSWORD=$(cat ~/.backup-password) restic snapshots \
  --repo /home/dev/backup/vps-daily/restic-repo \
  --json 2>/dev/null | python3 -c "
import sys,json,datetime
cutoff=datetime.datetime.now(datetime.timezone.utc)-datetime.timedelta(hours=26)
print(sum(1 for s in json.load(sys.stdin)
  if datetime.datetime.fromisoformat(s['time'].replace('Z','+00:00'))>cutoff))
")
if [ "$RECENT" -eq 0 ]; then
  echo "ALERT: No backup in 26h!"
fi

Files

  • scripts/vps-backup.sh — the backup script
  • scripts/export_sessions.py — session transcript exporter (optional but recommended)
  • docs/config.md — environment variable reference

Comments

Loading comments...