← Back to Skills Marketplace
271
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install workspace-backup-github
Description
Backup AI Agent workspace to GitHub - One-click backup for OpenClaw, Claude Code, Cursor, and other AI Agent workspaces to a private GitHub repository. Suppo...
Usage Guidance
This skill appears to do what it says (push workspace files to a private GitHub repo) but you should be cautious before using it:
- The skill asks for a GitHub personal access token (PAT) with broad 'repo' scope and embeds that token in the git remote URL (https://x-access-token:[email protected]/...). That token will be stored locally in the repo's .git/config and used each time the cron job runs — not in tracked files, but still present on disk and therefore at risk if the machine is compromised. Consider creating a narrowly scoped token or a separate machine account you can revoke easily.
- The SKILL.md claims 'sensitive data are NOT backed up' but there is no secret-scanning or redaction step in the script. Inspect your workspace for credentials, environment files, or keys before backing up. Add explicit exclusions or run a secret-scan (e.g., git-secrets, truffleHog) before the first commit.
- The script hard-codes WORKSPACE_DIR=/root/.openclaw/workspace. Verify this path is correct for your environment and that you understand which account will run the script (cron job). Running as root or with incorrect permissions may expose more data than intended.
- Prefer safer authentication options if possible: use an SSH deploy key, a GitHub App with limited permissions, or a token with the minimum required scopes. Avoid pasting long-lived tokens into third-party services; rotate/revoke tokens immediately if you suspect misuse.
- Test manually first: run the provided script locally with a throwaway repo or account, confirm it doesn't commit secrets, and verify where the token is stored. Only enable scheduled cron after confirming behavior.
If you want, I can: (1) help produce a checklist to inspect your workspace for secrets before backup, (2) suggest a safer deployment pattern (deploy key or restricted token), or (3) produce a modified script that avoids embedding tokens in git remotes (e.g., using git credential helper or SSH keys).
Capability Analysis
Type: OpenClaw Skill
Name: workspace-backup-github
Version: 1.3.0
This skill facilitates backing up the AI workspace to GitHub but exhibits high-risk credential handling and data exposure. It prompts the user for a GitHub Personal Access Token (PAT) with full 'repo' permissions and stores it in plain text within the '.git/config' file by embedding it in the remote URL (scripts/backup.sh). Additionally, while the documentation claims to exclude sensitive info, the backup process includes the 'skills/' and 'memory/' directories, which are highly likely to contain secrets or personal data, increasing the risk of accidental data exfiltration.
Capability Assessment
Purpose & Capability
The skill's name and description match the included script and instructions: it backs up a workspace to a GitHub repo. However, SKILL.md asserts 'Sensitive data (API keys, passwords) are NOT backed up' without any implemented mechanism to detect or remove secrets from tracked files. The script simply git-adds listed files and directories; there is no secret-scanning, redaction, or explicit exclusion of potentially sensitive files beyond a short exclusion list. The script also hard-codes WORKSPACE_DIR to /root/.openclaw/workspace, which is a privileged, non-portable path and may not match user environments.
Instruction Scope
The runtime instructions explicitly prompt the user to paste a GitHub token and instruct use of a token with full 'repo' scope. The instructions recommend embedding the token into the git remote URL (and the script constructs https://x-access-token:[email protected]/...), which means the token will exist in the local git config/remote URL and may be exposed locally (in .git/config, process logs, or backups if misconfigured). SKILL.md claims tokens aren't stored in files ('Token is stored in Git remote URL (not in files)') which is misleading: the remote URL is persisted in .git/config. There is no guidance in the skill to avoid committing secrets inside the workspace files themselves, no scanning/removal step, and no alternative safer options (e.g., deploy keys, GitHub App, or SSH key use).
Install Mechanism
This is instruction-only with a small shell script included; there is no installer that downloads or executes remote code. That lowers installation risk. The provided scripts are simple and readable; nothing is being fetched from arbitrary URLs or package registries.
Credentials
The skill does not declare required environment variables in the registry metadata, and it requests the GitHub token interactively at runtime — this is proportionate to the task. However, the requested token scope ('repo' full control of private repositories) is broad and gives the token full repository privileges. The way the token is used (embedded in remote URL) increases the chance of local exposure. The script's use of a hard-coded /root path may also require elevated permissions or assumptions about the runtime account.
Persistence & Privilege
always: false (not force-installed) and the skill uses OpenClaw's cron facility to schedule backups. Using cron to persist scheduled tasks is expected for a backup tool, but it does increase persistence and repeated use of the supplied token. There is no evidence the skill modifies other skills or global agent settings beyond adding a cron job for itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install workspace-backup-github - After installation, invoke the skill by name or use
/workspace-backup-github - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
Updated backup commands to include README.md, SYNC.md, .gitignore for complete workspace backup
v1.2.0
Complete English rewrite - now with full English description for global users
v1.1.0
支持任意AI Agent工作空间备份到GitHub,手动/自动双模式,交互式配置向导
Metadata
Frequently Asked Questions
What is workspace-backup-github?
Backup AI Agent workspace to GitHub - One-click backup for OpenClaw, Claude Code, Cursor, and other AI Agent workspaces to a private GitHub repository. Suppo... It is an AI Agent Skill for Claude Code / OpenClaw, with 271 downloads so far.
How do I install workspace-backup-github?
Run "/install workspace-backup-github" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is workspace-backup-github free?
Yes, workspace-backup-github is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does workspace-backup-github support?
workspace-backup-github is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created workspace-backup-github?
It is built and maintained by ziqi (@ziqi-jin); the current version is v1.3.0.
More Skills