ClawHub

绿联NAS OpenClaw备份

v1.0.4

绿联NAS OpenClaw Docker部署的备份与恢复工具 / Ugreen NAS OpenClaw Docker deployment backup and restore tool

0· 153·0 current·0 all-time
byzh4o@zh40
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md describes locating the OpenClaw workspace, creating tar.gz backups and restoring them. Required binary 'tar' is exactly what the instructions use and nothing else unusual is requested.
Instruction Scope
Instructions act on OpenClaw config and workspace paths (~/.openclaw) and on a user-specified or inferred backup directory — all are relevant. Minor issues: the SKILL.md assumes /root/.openclaw and running with permissions to read/write that path, has a small inconsistency in the tar path (uses .openclaw/ relative to OPENCLAW_DIR which may be redundant), and does not sanitize or validate a user-supplied BACKUP_DIR. Those shortcomings can lead to accidental overwrites if the inferred path is wrong or if the user supplies an unsafe path.
Install Mechanism
No install spec (instruction-only). This minimizes attack surface as nothing is downloaded or written by an installer.
Credentials
No environment variables, credentials, or external services are requested. The file and path access requested (OpenClaw workspace and a backup directory) aligns with the stated purpose.
Persistence & Privilege
always is false and the skill does not request persistent system-wide configuration or elevated platform privileges. It only describes one-off file operations invoked by the agent.
Assessment
This skill appears to do what it says, but review the commands before running: confirm OPENCLAW_DIR matches your installation (it assumes /root/.openclaw), verify the inferred BACKUP_DIR so you don't accidentally write backups to or extract into the wrong place, and ensure you have appropriate permissions. When restoring, stop the OpenClaw container as recommended and inspect the tar archive contents (tar -tzf ...) before extracting. Because the SKILL.md does not sanitize input, avoid running the provided snippets unchanged in an automated context — paste and inspect the lines, or run them step-by-step on a test system first. Finally, ensure you have enough disk space for ~45MB archives and keep backups off-device if you need higher resilience.

Like a lobster shell, security has layers — review code before you run it.

backupvk97e39xdk4pc4303m76qy7vpen834b2glatestvk978gm6ysb1vp6xs5pcxyatwv1834g66nasvk97e39xdk4pc4303m76qy7vpen834b2gopenclawvk97e39xdk4pc4303m76qy7vpen834b2g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💾 Clawdis
Binstar

Comments