ClawVault

by getlighty · GitHub ↗ · v3.0.0
cross-platform · ⚠ suspicious
Downloads: 636 · Stars: 0 · Active Installs: 0 · Versions: 9
Install in OpenClaw: /install getlighty-clawvault
Description
Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto...
README (SKILL.md)

ClawVault — Portable Agent Environment

You are an OpenClaw agent with the clawvault skill installed. This skill gives you automatic, continuous sync of the user's knowledge and environment across all their machines — like iCloud for AI agents.

Architecture

ClawVault works like a combination of iCloud and Git:

  • Auto-sync: file changes are detected, auto-committed, and pushed
  • Versioned: every change is a commit — full history, rollback anytime
  • Encrypted: Ed25519 keypair per installation — private key never leaves the machine
  • Multi-provider: user picks where their vault lives

Providers

| Provider | Type | Setup |
| --- | --- | --- |
| ClawVault Cloud | Managed (paid per MB) | One command — clawvault cloud signup |
| Google Drive | BYOS (free) | OAuth flow via clawvault provider gdrive |
| Dropbox | BYOS (free) | OAuth flow via clawvault provider dropbox |
| FTP/SFTP | BYOS (free) | Host + credentials via clawvault provider ftp |
| Git | BYOS (free) | Any git remote via clawvault provider git |
| S3 | BYOS (free) | Any S3-compatible via clawvault provider s3 |
| WebDAV | BYOS (free) | Nextcloud etc via clawvault provider webdav |
| Local | BYOS (free) | USB/NAS mount via clawvault provider local |

"BYOS" = Bring Your Own Storage. Free forever. ClawVault Cloud is the convenience option for people who don't want to manage storage.

What Syncs

ALWAYS SYNCED (shared knowledge pool):
  identity/USER.md          Who you are
  knowledge/MEMORY.md       Long-term memory
  knowledge/projects/       Project context
  requirements.yaml         System packages
  skills-manifest.yaml      Installed skills list

NEVER AUTO-SYNCED (per-instance):
  local/SOUL.md             This agent's personality
  local/IDENTITY.md         This agent's identity
  local/config-override     Local config tweaks

OPT-IN SYNC:
  openclaw config.json      Gateway/model config
  credentials/              Channel auth (encrypted separately)

Commands

When the user asks about vault operations, use these:

First-Time Setup

  • "set up clawvault" → clawvault.sh init — creates vault, generates Ed25519 keypair, scans packages
  • "use clawvault cloud" → clawvault.sh cloud signup — creates cloud account, auto-configures provider
  • "use google drive for vault" → clawvault.sh provider gdrive — OAuth flow for Google Drive
  • "use dropbox for vault" → clawvault.sh provider dropbox
  • "use FTP for vault" → clawvault.sh provider ftp — asks for host, port, credentials

Daily Use (mostly invisible)

  • "sync status" → clawvault.sh status — show sync state, last push/pull, provider info
  • "sync now" → sync-engine.sh push — force immediate sync
  • "show vault history" → sync-engine.sh log — show commit history (like git log)
  • "rollback vault" → sync-engine.sh rollback — revert to previous state
  • "what changed" → sync-engine.sh diff — show pending changes

Packages

  • "scan packages" → track-packages.sh scan
  • "what's different from vault" → track-packages.sh diff
  • "install missing packages" → track-packages.sh install — shows commands, asks before running

Migration

  • "migrate to this machine" / "pull from vault" → migrate.sh pull — interactive restore wizard
  • "push my soul to vault" → migrate.sh push-identity — explicit opt-in only

Profiles

Each machine backs up to its own named profile (default: hostname). Profiles are separate — different machines can have different knowledge, memory, and packages without interfering with each other.

  • "show profile" / "what profile am I on" → clawvault.sh profile show — displays current profile name
  • "list profiles" / "what profiles exist" → clawvault.sh profile list — lists all profiles in the remote storage
  • "rename profile" → clawvault.sh profile rename <new-name> — renames this machine's profile
  • "restore from another machine" / "pull profile X" → clawvault.sh profile pull <name> — restores a specific profile to this machine (overwrites local vault with that profile's data, does NOT affect the source)

Key Management

  • "show my vault key" → keypair.sh show-public — display public key (for adding to providers)
  • "regenerate vault key" → keypair.sh rotate — generates new keypair, re-registers with provider

Behavior Rules

  1. Auto-sync is ON by default after setup — like iCloud. The user should not have to think about syncing. Changes are pushed within 30 seconds.

  2. Never sync SOUL.md or IDENTITY.md without explicit permission.

  3. Always confirm before installing packages. Show the diff, let them pick.

  4. Private key never leaves the machine. It's stored in ~/.clawvault/keys/ with 600 permissions. The public key is registered with the vault provider.

  5. Conflicts: If remote has changes the user hasn't seen, show a diff and let them choose. Auto-merge for non-conflicting changes (like git).

  6. Be transparent about costs. If using ClawVault Cloud, show current usage and estimated cost when asked. Never surprise the user with charges.

  7. Offline-first. Everything works locally. Sync happens when connectivity is available. Queue changes and push when back online.

  8. Profiles are separate by default. Each machine pushes to its own named profile (default: hostname). Profiles never merge automatically. If the user wants data from another machine, they must explicitly pull that profile with clawvault.sh profile pull <name>.

ClawVault Cloud Pricing

When users ask about pricing:

  • First 50 MB free — enough for most single-user vaults
  • $0.005/MB/month after that (~$0.50/month for 100 MB extra)
  • No per-instance fees — connect unlimited machines
  • No bandwidth fees — sync as often as you want
  • Example: typical vault is 10-30 MB → completely free
  • Example: power user with 200 MB → $0.75/month
  • Example: team vault with 2 GB → ~$10/month
Usage Guidance
This skill is largely coherent with its stated purpose, but take these precautions before installing or running it:
  1. Inspect the scripts (especially providers/* and sync-engine.sh) to confirm what paths will be read and which files will be uploaded.
  2. Do not opt into syncing any 'credentials' or channel/token directories unless you understand how they are encrypted and you trust the storage endpoint.
  3. If you plan to use 'ClawVault Cloud', know that the repository includes server-side code that expects DB/Stripe/S3 credentials — using the managed cloud means trusting whoever runs that service.
  4. Run the tool first in a safe environment (VM/container) or with a test vault to observe behavior, and review the keypair handling (private key should remain local).
  5. If you require a higher assurance level, consider self-hosting the cloud components and inspect the provider registration flows to ensure signing and registration are implemented as expected.
Capability Analysis
Type: OpenClaw Skill · Name: getlighty-clawvault · Version: 3.0.0

The skill is classified as suspicious due to several critical vulnerabilities and risky practices. The most severe issue is a potential Remote Code Execution (RCE) vulnerability in `track-packages.sh` where `eval "$cmd"` is used to install packages. If a malicious package name were injected into the vault's `requirements.yaml` (e.g., via a compromised BYOS Git repo or cloud provider), this could lead to arbitrary command execution on the agent's machine. Additionally, several provider scripts (`providers/dropbox.sh`, `providers/gdrive.sh`, `providers/s3.sh`, `providers/webdav.sh`) use `curl https://rclone.org/install.sh | bash` for `rclone` installation, which is a significant supply chain risk. The use of `StrictHostKeyChecking=no` in `providers/ftp.sh` and `providers/git.sh` also weakens SSH security, making it susceptible to MITM attacks. While the skill's stated purpose is legitimate and it attempts to protect sensitive local files, these vulnerabilities make it highly exploitable.
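A hardened alternative to the `eval "$cmd"` install pattern flagged above, as an added example (not code from the ClawVault repository): package names read from synced data are checked against an allowlist and passed as single argv elements, so nothing from `requirements.yaml` is re-parsed by the shell. The `manager:package` line format, the function names and the `DEMO_EXEC` switch are assumptions made for this illustration.

```sh
#!/bin/sh
# Added illustration; not taken from track-packages.sh. The "manager:package"
# line format, function names and DEMO_EXEC are assumptions of this example.
LC_ALL=C; export LC_ALL   # keep the A-Z / a-z ranges below ASCII-only

# Accept only names made of [A-Za-z0-9+._=-] that start with an alphanumeric.
valid_pkg_name() {
  case "$1" in
    '' | [!A-Za-z0-9]*) return 1 ;;    # empty, or leading '-' (option injection)
    *[!A-Za-z0-9+._=-]*) return 1 ;;   # spaces, ';', '$', '`', '/', ':' ...
  esac
}

# Dry run unless DEMO_EXEC=1: show each argv element in brackets.
run() {
  if [ "${DEMO_EXEC:-0}" = 1 ]; then "$@"; return; fi
  printf 'would run:'; printf ' [%s]' "$@"; printf '\n'
}

# $1 = manager, $2 = package name; both come from synced (untrusted) data.
install_pkg() {
  valid_pkg_name "$2" || { printf 'rejected package name: %s\n' "$2" >&2; return 2; }
  case "$1" in
    apt) run apt-get install -y -- "$2" ;;          # fixed argv, no eval
    pip) run python3 -m pip install -- "$2" ;;
    *)   printf 'unsupported manager: %s\n' "$1" >&2; return 3 ;;
  esac
}

# Constructed sample entries; the last two are hostile.
while IFS=: read -r mgr pkg; do
  install_pkg "$mgr" "$pkg" || echo "skipped one $mgr entry"
done <<'EOF'
apt:jq
pip:requests==2.31.0
apt:jq; echo INJECTED
pip:--index-url=http://example.invalid/simple
EOF
```

The allowlist is deliberately narrow; widen it only for characters a specific package manager needs, and keep the leading-character check so a name can never be read as an option.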
Capability Assessment
Purpose & Capability
The name/description (portable encrypted vault + optional managed cloud) matches the repository: local bash CLI, provider scripts (gdrive, dropbox, git, s3, ftp, webdav, local) and a Node.js 'ClawVault Cloud' API with billing/storage code. Including server code for an optional managed cloud is plausible (self-host or operator-run) and consistent with the advertised 'ClawVault Cloud' option.
Instruction Scope
The SKILL.md explicitly instructs the agent to run local shell scripts (clawvault.sh, sync-engine.sh, migrate.sh, track-packages.sh, keypair.sh). Those scripts read and write files under ~/.clawvault, import certain OpenClaw workspace files, scan installed packages, and may start an auto-sync daemon. The documented defaults exclude SOUL.md and IDENTITY.md and mark credentials as opt-in, which limits broad exfiltration. However, auto-sync is ON by default after setup and the tool can read the user's OpenClaw workspace and package lists, so verify what will be synced before use and do not opt into syncing credential directories unless you trust the provider and encryption.
Install Mechanism
There is no external install spec; the skill is instruction + scripts. No remote downloads or archive extraction are invoked by a platform installer. Risk is limited to running the included shell scripts locally (they will create ~/.clawvault and may start processes), so audit scripts before running.
Credentials
The skill package itself declares no required env vars for client-side operation. The included Cloud API server code, however, expects server-side environment variables (DATABASE_URL, STRIPE_SECRET_KEY, STRIPE_PRICE_ID, optional S3 credentials, STORAGE_PATH), which is appropriate if you self-host or operate the managed service but are not required for local use. Provider setup will prompt for third-party storage credentials when you select BYOS (expected).
Persistence & Privilege
always is false. The skill writes a vault directory (~/.clawvault), generates a local Ed25519 keypair (private key stored with restrictive permissions) and can run a background sync engine/daemon. That level of persistence and local file access is expected for a syncing vault; it does not request elevated system privileges or alter other skill configurations.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install getlighty-clawvault
  3. After installation, invoke the skill by name or use /getlighty-clawvault
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
  • v3.0.0: Multi-profile support: separate backups per machine, profile list/pull/rename
  • v2.2.0: ClawVault Cloud fully working: auto key registration, HTTP/1.1 fix
  • v2.1.1: Fix Linux base64 wrapping in signatures, live Cloud API
  • v2.1.0: ClawVault Cloud is live — zero-config cloud provider now works
  • v2.0.4: Fix sync stop to kill orphaned fswatch, fix git push race condition
  • v2.0.3: Fix git provider sync: fetch-reset-apply-push model, sync_to_openclaw on pull, Linux stat fix
  • v2.0.2: Fix stat permissions check on Linux
  • v2.0.1: Fix keypair format: OpenSSH for SSH providers, PEM derived for API signing
  • v2.0.0: Initial release — portable identity vault for OpenClaw
Metadata
Slug getlighty-clawvault
Version 3.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 9
Frequently Asked Questions

What is ClawVault?

Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto... It is an AI Agent Skill for Claude Code / OpenClaw, with 636 downloads so far.

How do I install ClawVault?

Run "/install getlighty-clawvault" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawVault free?

Yes, ClawVault is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ClawVault support?

ClawVault is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created ClawVault?

It is built and maintained by getlighty (@getlighty); the current version is v3.0.0.