← Back to Skills Marketplace
242
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install daily-backup
Description
每日 Git 备份。提交工作区所有变更,记录变更摘要。触发时机:cron 定时任务或手动调用。
README (SKILL.md)
Daily Backup
每日 Git 全量备份,记录变更摘要。
核心流程
- 读取 references/spec.md 获取详细规范
- 运行
scripts/auto-backup.sh - 检查是否有新提交
- 读取变更统计
- 生成报告并发送
触发时机
- cron 定时任务(建议每日)
- 用户明确要求时
投递规则(必须)
完成报告后,通过消息工具发送。
- 渠道:feishu
- 目标:\x3C飞书群ID或用户ID> 如果报告超过 3800 字符,分成多条消息发送。 每条消息必须语义完整(不断开 URL 或格式)。 如果发送失败,重试一次。如果仍然失败,输出错误——永远不要静默退出。
输出
- 报告位置:
data/exec-logs/daily-backup/YYYY-MM-DD.md - 消息推送到飞书群
Usage Guidance
Do not install or enable this skill until the missing pieces are clarified and reviewed. Specifically:
- Ask the author to provide scripts/auto-backup.sh and any other referenced scripts; review their contents line-by-line before execution. The script could run arbitrary shell commands.
- Require the skill manifest to declare required binaries (e.g., git) and any environment variables it needs (Feishu webhook or token, git remote credentials). Do not supply high-privilege or broadly-scoped credentials without justification.
- Confirm whether the backup will push to a remote repository and, if so, where (remote URL) and how authentication is handled. Avoid giving long-lived credentials; prefer a dedicated deploy key or webhook with least privilege.
- Because the instructions commit 'all workspace changes', audit the repository for secrets and consider running in an isolated environment or CI runner with limited access.
- Prefer Feishu webhooks (read-only inbound) over embedding tokens; insist the skill declare exactly how it will authenticate and which Feishu endpoint it will use.
- If you must test, do so in a throwaway repository/VM with no sensitive data and with network access restricted. If the author cannot provide the missing script or clear credential requirements, treat the skill as unsafe.
Capability Analysis
Type: OpenClaw Skill
Name: daily-backup
Version: 1.0.1
The skill bundle is classified as suspicious because it requires high-risk capabilities, specifically shell script execution (scripts/auto-backup.sh) and network communication to an external Feishu endpoint. While the instructions in SKILL.md and references/spec.md describe a legitimate backup workflow, the actual shell script content is missing from the bundle, and the automated reporting mechanism could be leveraged for data exfiltration if the underlying script is designed to collect sensitive information.
Capability Assessment
Purpose & Capability
The description promises a 'daily Git backup' that commits workspace changes and posts reports to Feishu. However, the skill does not declare required binaries (git), any environment variables or credentials for Feishu, nor the scripts it expects to run. Requiring arbitrary commit operations and remote messaging without declaring the need for git and Feishu credentials is inconsistent with the stated purpose.
Instruction Scope
SKILL.md directs the agent to run scripts/auto-backup.sh (not included) and to '提交工作区所有变更' (commit the entire workspace). Running a non-included shell script could execute arbitrary commands and the commit-all behavior risks staging secrets. The instructions also require sending reports to Feishu and strictly mandate retry/never-silent-fail behavior, but do not specify how to authenticate or which API/hook to use.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes direct disk writes from the skill itself. The remaining risk comes from the external shell script it intends to run (which is not bundled).
Credentials
The skill expects to post messages to Feishu and operate Git but declares no required environment variables or credentials (Feishu tokens/webhook, git credentials, remote repo auth). Absence of declared secrets is a mismatch: posting to an external chat and pushing to remote repos generally require credentials and those should be made explicit and limited.
Persistence & Privilege
always is false and the skill has no install-time persistence. It will run only when invoked (or by autonomous model invocation, which is the platform default). There is no evidence it modifies other skills or global agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install daily-backup - After installation, invoke the skill by name or use
/daily-backup - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- 更新了飞书推送目标的占位符说明,将具体 ID 替换为 "<飞书群ID或用户ID>"
- 其他内容与 1.0.0 版本保持一致
v1.0.0
Initial release of daily-backup.
- Automates daily Git backups, committing all workspace changes and summarizing differences.
- Can be triggered by a cron job or manual invocation.
- Generates detailed change reports, posted to Feishu group.
- Handles report delivery: splits long reports, ensures semantic completeness, and retries on failure.
- Stores backup logs by date for easy reference.
Metadata
Frequently Asked Questions
What is Daily Backup?
每日 Git 备份。提交工作区所有变更,记录变更摘要。触发时机:cron 定时任务或手动调用。 It is an AI Agent Skill for Claude Code / OpenClaw, with 242 downloads so far.
How do I install Daily Backup?
Run "/install daily-backup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Daily Backup free?
Yes, Daily Backup is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Daily Backup support?
Daily Backup is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Daily Backup?
It is built and maintained by AxelHu (@axelhu); the current version is v1.0.1.
More Skills