← Back to Skills Marketplace
464
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install clawkeep
Description
Provides git-powered versioned backups and safe snapshot recovery for workspace files, with automated and manual snapshot options.
README (SKILL.md)
ClawKeep — Agent Skill
Git-powered versioned backups for your workspace. Every change tracked, every state recoverable.
Overview
ClawKeep gives you version-controlled backups of your workspace files. You can go back to any point in time if something goes wrong — a bad memory update, corrupted config, accidental deletion.
Prerequisites
ClawKeep must be installed globally:
npm install -g clawkeep
Verify: clawkeep --version
Setup (One Time)
Initialize ClawKeep on your workspace:
cd /path/to/your/workspace
clawkeep init
This creates:
.clawkeep/config.json— minimal config.clawkeepignore— patterns for files to skip (node_modules, .env, logs, etc.).gitignore— auto-synced from .clawkeepignore- An initial snapshot of all tracked files
Taking Snapshots
Watch Daemon (Recommended)
Start a background daemon that auto-snapshots on every file change:
clawkeep watch --daemon -d /path/to/workspace --interval 10000
- Runs in background, survives terminal close
- Debounces writes (default 10s) to avoid spam commits
- Stop with:
clawkeep watch --stop -d /path/to/workspace
Manual Snapshots
# Quick snapshot (only commits if files changed)
clawkeep snap -d /path/to/workspace -q
# Named snapshot
clawkeep snap -d /path/to/workspace -m "before risky changes"
Recovery
# See available snapshots
clawkeep log -d /path/to/workspace
# Restore to a specific snapshot (non-destructive — creates new commit)
clawkeep restore \x3Chash> -d /path/to/workspace
# Restore to N snapshots ago
clawkeep restore HEAD~3 -d /path/to/workspace
Restores are safe — they check out the old state and commit it as a new snapshot. Your full history is preserved.
Checking Status
# Quick status
clawkeep status -d /path/to/workspace
# See what changed since last snapshot
clawkeep diff -d /path/to/workspace
# View timeline
clawkeep log -d /path/to/workspace -n 10
Ignore Patterns
Edit .clawkeepignore in your workspace root to exclude files from tracking. Patterns are auto-synced to .gitignore.
Web Dashboard
clawkeep ui --daemon -d /path/to/workspace --port 3333
Visual timeline, file browser with time-travel, side-by-side diffs, one-click restore. Token-based auth is auto-generated.
Encrypted Backup Targets
For off-site encrypted backups, choose a target and follow its dedicated skill:
| Target | Skill | Description |
|---|---|---|
| Local path | skills/local/SKILL.md | NAS, USB drive, external disk, network share |
| S3 / R2 | skills/s3/SKILL.md | Cloudflare R2, AWS S3, Backblaze B2, MinIO, Wasabi |
| ClawKeep Cloud | skills/clawkeep-cloud/SKILL.md | Managed zero-knowledge backup with browser-based setup |
All targets use AES-256-GCM encryption. Your backup destination only sees opaque .enc chunk files — no file names, no metadata, no structure.
Quick Reference
| Action | Command |
|---|---|
| Initialize | clawkeep init -d \x3Cdir> |
| Auto-backup daemon | clawkeep watch --daemon -d \x3Cdir> |
| Stop daemon | clawkeep watch --stop -d \x3Cdir> |
| Manual backup | clawkeep snap -d \x3Cdir> -m "message" |
| View history | clawkeep log -d \x3Cdir> |
| Restore | clawkeep restore \x3Chash> -d \x3Cdir> |
| See changes | clawkeep diff -d \x3Cdir> |
| Launch dashboard | clawkeep ui --daemon -d \x3Cdir> --port 3333 |
| Stop dashboard | clawkeep ui --stop -d \x3Cdir> |
| Export encrypted | clawkeep export -d \x3Cdir> -p "password" |
Usage Guidance
This skill is instruction-only and asks you to install and run an unverified global npm package that will run background daemons and store credentials locally. That can be useful for backups but raises risk if the package or its server-side counterpart are untrusted. Before installing: 1) Verify the 'clawkeep' npm package page and source repository (look for a homepage, GitHub repo, recent maintainers, and code review). 2) Review the package code or its published tarball for any unexpected network calls, credential exfiltration, or privileged behavior. 3) Prefer running it in an isolated environment (container, dedicated VM) and avoid giving it more permissions than necessary. 4) If using cloud targets, limit and rotate S3/API keys and understand where credentials are stored (.clawkeep/config.json). 5) Do not enable persistent daemons on shared/production agents until you have verified the code and security claims (zero-knowledge encryption, client-side encryption). If you can provide the package homepage/repo or the installed package's code, I can re-evaluate and raise confidence.
Capability Analysis
Type: OpenClaw Skill
Name: clawkeep
Version: 0.2.9
The OpenClaw AgentSkills skill bundle for 'ClawKeep' is designed for legitimate version-controlled backups. It instructs the agent to install a global npm package (`clawkeep`), initialize workspaces, manage local and cloud backups, and run background daemons using `clawkeep` commands or `pm2`. All described actions, including extensive file system access, network communication (for cloud/S3 targets and web UI), and persistence, are directly aligned with the stated purpose of a backup solution. The skill's documentation (SKILL.md, clawkeep-cloud/SKILL.md, local/SKILL.md, s3/SKILL.md) explicitly details security features like AES-256-GCM encryption, zero-knowledge principles, client-side encryption, and secure handling of passwords (browser-based setup, keyless daemons). While S3 credentials are noted to be stored locally in `.clawkeep/config.json`, this is transparently disclosed as a design choice for the `clawkeep` tool's operation, not an attempt by the skill to exfiltrate data. There is no evidence of prompt injection attempts, obfuscation, or malicious intent within the skill bundle's instructions.
Capability Assessment
Purpose & Capability
Name and description (git-powered, versioned backups) match the runtime instructions (clawkeep CLI commands, snapshot/restore flow). However, the skill requires installing a third-party global npm CLI (clawkeep) and relies on external services (S3, ClawKeep Cloud) even though no provenance (homepage, repo) is provided — reasonable for the stated purpose but lacking source verification.
Instruction Scope
The SKILL.md tells the agent to install and run a global CLI, start background daemons (watch, ui, sync) and use PM2/systemd to persist them; it also instructs storing credentials in a local config file and using browser flows or API keys. Those actions go beyond a transient helper and give the tool ongoing access to arbitrary workspace files and secrets on disk. The instructions also assert security properties (zero-knowledge, client-side encryption, no metadata leakage) that cannot be validated from these docs alone.
Install Mechanism
There is no install spec in the registry bundle; the docs instruct the user to run 'npm install -g clawkeep' which will fetch and install code from the public npm registry. Installing an unverified global npm package that runs daemons is moderate-to-high risk when the package source/repo isn't provided for review. Because the package will run background processes and write local config, verifying its provenance and code is important.
Credentials
The instructions request S3/R2/API keys and show env var examples (CLAWKEEP_S3_ACCESS_KEY etc.) — these are proportionate for cloud backup targets. The skill also documents storing credentials in '.clawkeep/config.json' and recommends a 'set-password' flow (claiming no password in env after setup). Storing secrets on disk and allowing a keyless daemon introduces local secret persistence which should be considered when deploying on shared hosts or agents.
Persistence & Privilege
The instructions explicitly encourage persistent background daemons and using PM2/systemd to autostart the backup watcher and UI. Although the skill metadata does not force 'always:true', following these instructions will give the installed CLI long-lived access to workspace files and any stored credentials, increasing blast radius if the package is malicious or buggy.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawkeep - After installation, invoke the skill by name or use
/clawkeep - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.9
ClawKeep 0.2.9 Changelog
- Added a comprehensive SKILL.md documentation covering setup, integration options, recovery, status checks, web dashboard, ignore patterns, encrypted backups, cloud & S3 targets, encrypted export, and programmatic usage.
- Improved guidance for secure, keyless cloud sync with agent-friendly setup and password management.
- Enhanced instructions for continuous, heartbeat-based, and intentional snapshot workflows.
- Detailed backup and restore procedures, including local, S3-compatible, and ClawKeep Cloud targets with encryption.
- Included a quick command reference and best practices for seamless workspace protection.
Metadata
Frequently Asked Questions
What is Clawkeep?
Provides git-powered versioned backups and safe snapshot recovery for workspace files, with automated and manual snapshot options. It is an AI Agent Skill for Claude Code / OpenClaw, with 464 downloads so far.
How do I install Clawkeep?
Run "/install clawkeep" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Clawkeep free?
Yes, Clawkeep is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Clawkeep support?
Clawkeep is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Clawkeep?
It is built and maintained by TacoDevs (@taco-devs); the current version is v0.2.9.
More Skills