OpenClaw GitHub Backup
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: openclaw-github-backup
Version: 1.0.0
The skill is a utility designed to back up OpenClaw configurations to a user-specified private GitHub repository. It includes scripts for installation (install.sh), activity monitoring (check-activity.sh), and the backup process (backup.sh). The code demonstrates security awareness by attempting to sanitize API keys in 'openclaw.json' before committing and explicitly warning users to use private repositories. While it performs high-risk operations such as pushing configuration data to a remote server, modifying global Git settings, and aggressively removing nested '.git' directories, these actions are transparently documented and directly support the stated purpose of the skill.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your conversations, memory, workspace files, and credential-related configuration could be committed to GitHub; a private repo reduces exposure but does not eliminate it.
The stated backup scope includes private agent history, memory databases, workspaces, and credential configuration files that will be copied to a GitHub repository.
✅ agents/ | All agent session history ... ✅ workspace-*/ | Agent workspaces ... ✅ memory/ | Agent memory databases ... ✅ credentials/ | Credential configurations
Use a dedicated private repository, review the file list before every push, exclude or encrypt credential and memory data by default, and add a secret-scanning step before upload.
Installing the skill can remove Git metadata from OpenClaw workspaces, extensions, or the backup repo itself, and can overwrite remote backup history.
During first backup the script runs from ~/.openclaw, deletes every .git directory it can find, and force-pushes to the configured remote.
cd "$OPENCLAW_DIR" ... find . -name ".git" -type d -exec rm -rf {} + ... git push -u origin main --force
Do not run the installer as-is. Remove the broad rm -rf .git cleanup, avoid force-push by default, and require explicit user review of destructive Git operations.
A failed commit or push can leave your live OpenClaw configuration with API keys replaced by placeholders, potentially breaking the gateway or agents until manually repaired.
The live openclaw.json is replaced with a sanitized copy before commit/push, and restoration happens only after those commands succeed; with set -e, an error can exit before restoration.
set -e ... mv openclaw.json.staged openclaw.json ... git commit -m "Auto backup: $timestamp" ... git push origin "$BACKUP_BRANCH" ... mv openclaw.json.original openclaw.json
Use a temporary staging copy or a separate worktree for sanitized backups, and add trap/finally cleanup so the original config is restored even if any Git command fails.
Users may believe the backup is broadly sanitized when many sensitive fields or credential files could still be committed.
The advertised sanitization only replaces exact apiKey JSON fields, while the backup includes other files and directories that may contain tokens, passwords, or secrets.
sed -E 's/"apiKey": "[^"]+"/"apiKey": "***SET_YOUR_API_KEY***"/g' "$input" > "$output"
Clearly document the sanitizer's limits, exclude credential directories unless explicitly approved, and implement broader secret detection before committing.
The SSH key the installer creates can be broader than needed for a single backup repository, and any local process with access to the private key could use the same GitHub SSH identity.
If no SSH key exists, the installer creates an unencrypted default SSH key and directs the user to add it as a GitHub account SSH key.
ssh-keygen -t ed25519 -C "openclaw-backup" -f ~/.ssh/id_ed25519 -N "" ... 添加到 GitHub → Settings → SSH Keys
Use a repo-scoped deploy key or fine-grained token limited to the backup repository, preferably with a passphrase and without changing broader account credentials.
Once scheduled, backups may continue to upload changes to GitHub without you manually initiating each run.
The skill is designed for recurring background backup checks, which is expected for this purpose but still means ongoing automated data sync.
a cron job will be created in OpenClaw to check for backup needs every hour
Only enable scheduling after reviewing exclusions and credentials, and monitor the repository for unexpected commits.
