backup

OpenClaw 会话重置-存档-备份完整工作流管理。自动化处理 Token 超限、闲置超时、手动重置时的四层数据存档体系，支持 GitHub/OneDrive 双备份。 TRIGGERS: - 用户说"设置存档工作流"、"配置自动备份" - 需要建立会话生命周期管理机制 - 想要自动化重置-存档-备份流程

Before installing or enabling this skill, confirm these points with the author and take precautions: - Credentials and storage: Ask exactly how the GitHub token is provided, stored, and scoped. Do not accept workflows that embed tokens into remote URLs. Prefer using a token stored in a secure env var with minimal repo permissions (only the repo push scope required), or a deploy key with narrowly scoped access. - Explicit consent for resets: Resolve the contradiction between 'ALWAYS ask' and the template's 'automatic reset without confirmation'. Require explicit, per-reset user confirmation if you do not want automatic destructive resets. - Inspect scripts before execution: The skill instructs creation/execution of PowerShell scripts (generate-ai-summary.ps1, backup.ps1). Get the actual script contents and review them for any network calls, credential exfiltration, or commands that modify other system components before running. - Limit data uploaded: Confirm what files will be uploaded. Backing up full raw-history and config files can leak sensitive personal data; prefer selective backups or private repos/storage and encryption at rest. - Run in an isolated environment first: Test the workflow in a disposable user account or VM so resets and file writes cannot affect your primary environment. - Logging and rollback: Ensure the skill records operations in a local log and provides a way to abort or roll back an unintended reset or upload. - Additional info that would raise confidence: (1) explicit declaration of required env vars and how tokens are handled, (2) the exact PowerShell script sources to review, (3) a guarantee that automatic resets are disabled unless explicitly permitted, and (4) guidance that GitHub pushes avoid embedding tokens in URLs and use secure auth methods. If the author cannot provide these assurances and the script contents, treat the skill as high-risk and do not enable it with access to real session data or production environments.

Type: OpenClaw Skill Name: session-archive-backup Version: 1.0.0 This skill bundle implements an automated session management and backup system that creates and executes local PowerShell scripts (scripts/backup.ps1 and scripts/generate-ai-summary.ps1). While the stated goal is user-controlled backups to GitHub and OneDrive, the system requires high-risk actions such as modifying PowerShell execution policies, reading all session history/configs, and potentially storing GitHub tokens in git remote URLs (references/troubleshooting.md). The use of a HEARTBEAT.md file to trigger automated script execution based on token usage or idle time creates a persistent execution mechanism that handles sensitive data, which is high-risk despite the requirement for user confirmation during setup.