← Back to Skills Marketplace

openclaw-backup-restore

Name: openclaw-backup-restore
Author: brunovu20

by Bruno · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install claw-home-dir-backup-restore

Description

Backup or restore your entire OpenClaw setup including config, agents, skills, credentials, and workspace as a timestamped portable .tar.gz archive.

README (SKILL.md)

OpenClaw Backup & Restore Skill

Snapshot and migrate your complete OpenClaw setup — config, agents, flows, skills, credentials, memory, and workspace — as a single portable archive.

What this skill does

Backup: Archives the entire ~/.openclaw/ directory into a timestamped .tar.gz (or .tar.gz.gpg if encrypted) — no files excluded.
Restore: Extracts an archive back into ~/.openclaw/, preserving directory structure and permissions, so OpenClaw works immediately after extraction.
List: Shows available backup archives in the configured output directory.
Verify: Validates a backup archive's integrity before restore.

Use this skill when the user says:

"backup my openclaw setup"
"migrate openclaw to my new machine"
"snapshot my openclaw config"
"restore openclaw from backup"
"what backups do I have?"

What is backed up

The entire ~/.openclaw directory — every file and subdirectory — is included in the archive. No exclusions. The restored machine gets an exact copy of the original, and OpenClaw works immediately without any missing configuration, credentials, skills, or state.

See references/paths.md for details on sensitive paths and restore-time permissions.

Workflow

Backup

Resolve the OpenClaw home directory (OPENCLAW_HOME, defaults to ~/.openclaw).
Resolve the output directory (BACKUP_DIR, defaults to ~/openclaw-backups).
Archive the full ~/.openclaw directory into a timestamped .tar.gz.
Optionally encrypt with GPG: --encrypt flag or BACKUP_GPG_RECIPIENT env var.
Print the archive path and size.

Restore

Validate the archive (non-empty, valid gzip, no path traversal).
Warn if ~/.openclaw already exists and prompt for confirmation (or use --force).
Optionally decrypt if .gpg extension detected.
Extract to ~/.openclaw/ with --strip-components=0.
Fix permissions on sensitive files (credentials/, secrets/, identity/).
Print a summary of restored paths.

List

Print all .tar.gz and .tar.gz.gpg files in BACKUP_DIR with size and date.

Verify

Run gzip -t on the archive and list its top-level contents without extracting.

Scripts

Script	Purpose
`scripts/backup.sh`	Create a backup archive
`scripts/restore.sh`	Restore from a backup archive

Usage examples

# Create a backup in ~/openclaw-backups/
bash scripts/backup.sh

# Backup to a custom directory
bash scripts/backup.sh --output /Volumes/USB/backups

# Backup with GPG encryption
bash scripts/backup.sh --encrypt [email protected]

# List available backups
bash scripts/backup.sh --list

# Verify a backup without restoring
bash scripts/restore.sh --verify openclaw-backup-2026-05-24_120000.tar.gz

# Restore (will prompt before overwriting)
bash scripts/restore.sh openclaw-backup-2026-05-24_120000.tar.gz

# Restore without confirmation prompt
bash scripts/restore.sh --force openclaw-backup-2026-05-24_120000.tar.gz

# Restore to a custom openclaw home
bash scripts/restore.sh --home /opt/openclaw openclaw-backup-2026-05-24_120000.tar.gz

Migration workflow (old machine → new machine)

On the old machine: run bash scripts/backup.sh — copy the .tar.gz to the new machine.
On the new machine: install OpenClaw binary, then run bash scripts/restore.sh \x3Carchive>.
OpenClaw will start with your full config, agents, skills, credentials, and workspace intact.

Security notes

credentials/ and secrets/ contain sensitive API keys. Keep backups in a secure location.
Use --encrypt with a GPG key for backups stored in cloud storage or on shared drives.
The restore script sets chmod 700 on sensitive directories automatically.

Guardrails

Never extract archives with path components that escape ~/.openclaw/ (path traversal check).
Always show the archive size and file count after backup so the user can sanity-check completeness.
If OpenClaw is running during backup, warn the user — SQLite databases may be in a dirty state.
Do not backup identity/device-auth.json without informing the user it contains auth tokens.

Usage Guidance

Install only if you intentionally want a full-fidelity backup that includes secrets and login/session material. Use GPG encryption for every backup before moving it off the machine, avoid unencrypted cloud or removable-media storage, restrict file permissions, and rotate credentials if an archive may have been exposed.

Capability Assessment

⚠ Purpose & Capability

The backup/restore purpose is coherent, but the capability captures the entire ~/.openclaw tree, including credentials, secrets, identity tokens, memory, and workspace; README also claims some transient data is excluded while the script performs an unrestricted tar of the directory.

⚠ Instruction Scope

Actions are user-directed, but default backups are unencrypted .tar.gz files and migration guidance mentions USB, cloud, or SCP transfer without requiring encryption; SKILL.md says users should be informed before backing up identity/device-auth.json, but backup.sh does not give that specific warning.

✓ Install Mechanism

No suspicious install-time behavior was found; the only declared install helper is optional gnupg for encryption, and static scan reported clean with no VirusTotal telemetry supplied.

⚠ Credentials

Full access to ~/.openclaw is purpose-aligned for exact migration, but it is high-impact because it bundles reusable credentials and private workspace state into a portable file with encryption only optional.

⚠ Persistence & Privilege

The scripts do not add a daemon or seek elevated privileges, but backups extend session persistence beyond the original machine, and restore can replace an OpenClaw home after a prompt or with --force while preserving the old directory.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install claw-home-dir-backup-restore
After installation, invoke the skill by name or use /claw-home-dir-backup-restore
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of portable backup and restore for OpenClaw installations. - Backs up the entire `~/.openclaw` directory into a portable `.tar.gz` (supports GPG encryption). - Restores archives safely, preserving existing setups with timestamped backups. - Includes scripts to list backups and verify archive integrity. - Ensures all configuration, agents, flows, credentials, skills, and workspace data are included. - Adds guardrails for security (permission fixes, path traversal checks, warnings for sensitive files). - Compatible with macOS and Linux; requires bash, tar, gzip; optional: gpg for encryption.

Metadata

Slug claw-home-dir-backup-restore

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is openclaw-backup-restore?

Backup or restore your entire OpenClaw setup including config, agents, skills, credentials, and workspace as a timestamped portable .tar.gz archive. It is an AI Agent Skill for Claude Code / OpenClaw, with 89 downloads so far.

How do I install openclaw-backup-restore?

Run "/install claw-home-dir-backup-restore" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is openclaw-backup-restore free?

Yes, openclaw-backup-restore is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does openclaw-backup-restore support?

openclaw-backup-restore is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created openclaw-backup-restore?

It is built and maintained by Bruno (@brunovu20); the current version is v1.0.0.

More Skills