← Back to Skills Marketplace
422
Downloads
1
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install multi-device-sync-github
Description
Multi-device OpenClaw data synchronization using GitHub. Manages workspace data sync across multiple machines (Ubuntu, Mac, etc.) with automatic push on file...
Usage Guidance
What to consider before installing:
- Review code locally instead of running the curl | bash one-liner. Clone the repo (git clone https://github.com/RegulusZ/multi-device-sync-github.git) and inspect install.sh and the scripts before executing.
- Back up your workspace first. The installer will create symlinks and may remove original files (it does back them up by default in many cases, but verify backups exist before proceeding).
- Be deliberate about which paths you sync. Avoid syncing 'skills/' or other directories that may contain secrets, credentials, nested .git folders, or private configuration unless you understand the consequences.
- Use a private GitHub repository as recommended. If you accidentally push sensitive data, Git history can retain it—plan for .gitignore and history cleaning if needed.
- Verify authentication: the scripts rely on your existing git/SSH configuration; you will need working SSH keys or credential helpers for push/pull.
- Note the installer has small bugs (calls like sync-init.sh.sh). If you see execution errors, run the scripts manually from the cloned repo and fix the call names before running automated steps.
- If you want lower-risk testing, run the installer in a throwaway VM/container or test user account first to confirm behavior.
If you can share the exact repo URL or want, I can point out the exact lines that (1) delete files, (2) start daemons, and (3) would commit which paths so you can audit them quickly.
Capability Analysis
Type: OpenClaw Skill
Name: multi-device-sync-github
Version: 1.0.2
The skill is designed for multi-device data synchronization using GitHub, performing high-privilege operations like installing system packages, creating symlinks in the OpenClaw workspace, and running background daemons. While it includes several explicit safety features (e.g., local-only notifications, backups, confirmation prompts, selective git operations) and warns users about security, the 'Quick Install' method in SKILL.md and README.md uses `curl -fsSL ... | bash`. This pattern, although common, represents a significant supply chain vulnerability as it executes remote code directly without prior review, posing a remote code execution risk if the remote script or its hosting repository were compromised. Additionally, there are minor bugs like `sync-init.sh.sh` and `sync-daemon.sh.sh` typos in `install.sh` that would prevent proper execution. There is no evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints, credential theft, or stealthy backdoors.
Capability Assessment
Purpose & Capability
Name/description match the implementation: scripts perform git clone/push/pull, create symlinks from ~/.openclaw/workspace into ~/openclaw-sync, run a push watcher and periodic pull daemon. Requested permissions/variables are minimal and consistent (no unexpected cloud credentials or unrelated services).
Instruction Scope
Runtime instructions and installer perform high-impact local operations appropriate for a sync tool: creating/removing files and directories, creating symlinks, copying workspace data into the sync repo, starting background daemons, and running git operations (commit/push/pull/rebase). These operations are in-scope for a synchronization tool but are destructive if misconfigured (rm -rf, replacing workspace files after backup). The SKILL.md / installer suggests syncing 'skills/' and memory files — this can cause private data or other skill files to be placed under git version control; user should carefully choose which paths to sync. Also note some installer calls have a likely typo (calls like sync-init.sh.sh), which is a bug but not evidence of malice.
Install Mechanism
No formal install spec in registry; SKILL.md offers a convenience one-liner that pipes raw.githubusercontent.com content into bash (curl | bash). raw.githubusercontent.com is a common host for installers, but piping remote scripts to shell is intrinsically risky—recommended to git clone and inspect the repository before running. The shipped bundle already includes the installer and scripts so a local install (clone + review + run) is safer.
Credentials
The skill declares no required environment variables or credentials, which matches the code: it uses local git/SSH configuration for authentication (the user’s existing SSH keys or credential helpers). There are no hidden external endpoints; sync-notify.sh mentions Feishu but falls back to writing local notification files and printing. No disproportionate credential requests were found.
Persistence & Privilege
The scripts create persistent artifacts in the user home (~/.config/openclaw, ~/.openclaw, ~/openclaw-sync), start background processes (daemon + push watcher) and write log/PID files. This is expected for a long-running sync service, but it does give the skill ongoing presence on the machine and will run periodically until stopped—review/stop the daemon if you uninstall. always:false and no elevated persistent privileges were requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install multi-device-sync-github - After installation, invoke the skill by name or use
/multi-device-sync-github - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Improved scripts/sync-daemon.sh.
- No user-facing documentation or feature changes.
- No impact on SKILL.md content or usage instructions.
v1.0.1
Version 1.0.1
- Added a detailed Security & Safety section to SKILL.md, outlining default settings (auto-push disabled by default), installation safety recommendations, data protection measures, and required permissions.
- Updated installation instructions to encourage safe practices and code review prior to execution.
- Clarified that backups and confirmation prompts are provided for potentially destructive actions.
- No code or feature changes; documentation update only.
v1.0.0
Initial release of multi-device-sync-github.
- Synchronize OpenClaw workspace data across multiple devices via a private GitHub repository.
- Automatic file change detection with instant git push (Linux/macOS supported).
- Configurable periodic pull for remote updates and conflict detection.
- Interactive guided setup and manual install options provided.
- Selective file/folder sync and device-specific file naming.
- Includes CLI tools for status, manual sync, and conflict resolution.
Metadata
Frequently Asked Questions
What is Multi-Device Sync via GitHub?
Multi-device OpenClaw data synchronization using GitHub. Manages workspace data sync across multiple machines (Ubuntu, Mac, etc.) with automatic push on file... It is an AI Agent Skill for Claude Code / OpenClaw, with 422 downloads so far.
How do I install Multi-Device Sync via GitHub?
Run "/install multi-device-sync-github" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Multi-Device Sync via GitHub free?
Yes, Multi-Device Sync via GitHub is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Multi-Device Sync via GitHub support?
Multi-Device Sync via GitHub is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Multi-Device Sync via GitHub?
It is built and maintained by Leon (@regulusz); the current version is v1.0.2.
More Skills