← Back to Skills Marketplace

OpenClaw Self Backup & Restore

Name: OpenClaw Self Backup & Restore
Author: liuyue8135

by liuyue8135 · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ⚠ suspicious

241

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install yuebao-self-backup

Description

Backup and restore OpenClaw agent configuration, skills, memory, and workspace files. Use when asked to "backup", "backup yourself", "create a restore point"...

Usage Guidance

This skill appears to do what it says: create and restore local backups of OpenClaw configuration, skills, memory and credential files. Before using it, consider the following: (1) Backups include sensitive data (e.g., ~/.openclaw/.env and credentials/) — store backups with strong filesystem permissions and/or encrypt them (e.g., gpg, age, encrypted archive). (2) If you enable automated cron/announce, verify what the OpenClaw cron 'announce' and channel behavior sends — avoid broadcasting secrets or full manifest to external channels. (3) Do a test restore on a disposable environment to confirm the restore flow and file ownerships/permissions. (4) Keep the backups directory (~/backups) on a secure volume; if you store backups off-host (cloud), use client-side encryption. (5) Avoid running restore as root; run as the same user to preserve expected paths. If you want stronger guarantees, ask the author for an option to encrypt backups or to exclude credential files by default.

Capability Analysis

Type: OpenClaw Skill Name: yuebao-self-backup Version: 1.0.1 The skill is designed to backup and restore the OpenClaw agent's entire state, including sensitive API keys (`.env`), credentials, and configuration files. While the scripts (`scripts/backup.py` and `scripts/restore.py`) perform these actions locally as described, `restore.py` contains a TarSlip vulnerability by using `tar.extractall(HOME)` without validating member paths, which could allow a malicious archive to overwrite arbitrary files. The handling of unencrypted credentials and the lack of path sanitization during restoration are significant security risks.

Capability Assessment

✓ Purpose & Capability

Name/description say 'backup & restore OpenClaw agent state' and the scripts explicitly read and archive OpenClaw configuration, skills, memory, identity files and credential directories — all coherent with the stated purpose.

ℹ Instruction Scope

Instructions direct running the included Python scripts and optionally scheduling via OpenClaw cron. The scripts read many sensitive files (e.g., ~/.openclaw/.env, ~/.openclaw/credentials/) and create a local archive in ~/backups; this is expected for a full backup but is sensitive by design. The SKILL.md suggests using cron with '--announce --channel telegram', which could broadcast backup results depending on the cron system — the skill scripts themselves do not perform network calls or externally transmit archived data.

✓ Install Mechanism

No install spec; skill is instruction-plus-scripts. The scripts are Python and run locally; nothing is downloaded from arbitrary URLs or installed automatically by the skill. Low installation risk.

ℹ Credentials

The skill requests no environment variables, which is consistent. However it explicitly includes API credential files and credential directories in backups, so it will aggregate secrets into local archives. This is proportionate for a backup tool but increases risk if backup storage is not protected or if cron/announce features broadcast status to external channels.

✓ Persistence & Privilege

always is false and the skill does not request persistent elevated privileges or modify other skills. It operates on user files under the home directory and creates backups under ~/backups; no indication of modifying system-wide configs or other skills.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install yuebao-self-backup
After installation, invoke the skill by name or use /yuebao-self-backup
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

v1.0.1: 移除私人配置信息，改为通用模板，适合所有 OpenClaw 用户使用

v1.0.0

完整备份和恢复 OpenClaw 配置、技能、记忆、API凭证。支持定时自动备份，保留最近6份，超出自动清理。一键恢复，5分钟内重建完整环境。

Metadata

Slug yuebao-self-backup

Version 1.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is OpenClaw Self Backup & Restore?

Backup and restore OpenClaw agent configuration, skills, memory, and workspace files. Use when asked to "backup", "backup yourself", "create a restore point"... It is an AI Agent Skill for Claude Code / OpenClaw, with 241 downloads so far.

How do I install OpenClaw Self Backup & Restore?

Run "/install yuebao-self-backup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Self Backup & Restore free?

Yes, OpenClaw Self Backup & Restore is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Self Backup & Restore support?

OpenClaw Self Backup & Restore is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Self Backup & Restore?

It is built and maintained by liuyue8135 (@liuyue8135); the current version is v1.0.1.

More Skills