Description

Cross-platform agent migration and deployment. Use when: (1) migrating OpenClaw agent to new servers, (2) backing up and restoring agent state, (3) deploying...

README (SKILL.md)

Agent Migration

Name: Agent Migrate
Author: haha8d

Migrate OpenClaw agents across servers and platforms while preserving identity, memory, and configuration.

When to Use

✅ USE this skill when:

Moving agent from local machine to remote server
Cloning agent configuration to multiple environments
Backing up complete agent state for disaster recovery
Syncing workspace changes between dev/prod
Upgrading OpenClaw with full rollback capability

❌ DON'T use when:

Simple file copy operations → use cp/rsync directly
Database migrations → use database-specific tools
Non-OpenClaw application deployment

Core Concepts

Agent State Components

Agent State = Identity + Memory + Config + Skills + Extensions
├── workspace/           # Core identity files
│   ├── IDENTITY.md      # Who the agent is
│   ├── USER.md          # Who they serve
│   ├── SOUL.md          # Personality
│   ├── MEMORY.md        # Long-term memory
│   ├── AGENTS.md        # Operational rules
│   ├── TOOLS.md         # Environment notes
│   └── memory/          # Daily logs
├── .openclaw/
│   ├── openclaw.json    # Gateway config
│   ├── agents/          # Session data
│   └── extensions/      # Custom plugins
└── skills/              # Custom skills (if any)

Migration Workflows

1. Export (Source Machine)

# Full agent export
./scripts/export-agent.sh [export-name]

# Creates:
# /tmp/agent-export-[name]/
#   ├── manifest.json      # Export metadata
#   ├── workspace.tar.gz   # Core files
#   ├── config.tar.gz      # OpenClaw config
#   └── restore.sh         # Self-contained restore

2. Transfer

# Via SSH
scp -r /tmp/agent-export-[name] user@new-server:/tmp/

# Via GitHub (recommended for versioned deployments)
# Push to repo, clone on target

3. Import (Target Machine)

# Run self-contained restore
cd /tmp/agent-export-[name] && ./restore.sh

# Or manual:
./scripts/import-agent.sh /tmp/agent-export-[name]

Scripts

Export Agent

scripts/export-agent.sh [name] [--full]

Options:

name - Export identifier (default: timestamp)
--full - Include session history and logs

Import Agent

scripts/import-agent.sh \x3Cexport-path> [--merge|--replace]

Options:

--merge - Merge with existing agent (default)
--replace - Wipe existing, clean install

Sync to GitHub

scripts/sync-github.sh \x3Crepo-url> [--push|--pull]

Syncs agent state to GitHub for versioned deployment.

Platform-Specific Notes

Linux → Linux

Direct transfer, no conversion needed.

macOS → Linux

Check for macOS-specific paths in scripts
Update file watchers if used

Windows WSL → Native Linux

Line endings auto-handled
Verify executable permissions

Docker Deployment

See references/docker-deploy.md for containerized deployment.

Security Checklist

Sanitize openclaw.json (remove sensitive tokens before export)
Verify target machine permissions
Rotate any exposed credentials post-migration
Test agent functionality before production cutover

Rollback

Exports are immutable snapshots. To rollback:

# Re-import previous export
./scripts/import-agent.sh /path/to/previous-export --replace

Usage Guidance

This skill is intended for migrating OpenClaw agents and contains useful export/restore scripts, but be cautious before running it: 1) Review the scripts line-by-line — sync-github.sh will collect identity and memory files and push them to whatever repo you provide, and it can force-push; do not run it against a public repo. 2) The jq-based sanitization is imperfect — manually inspect openclaw.json and any workspace files for tokens/secrets before syncing. 3) Note the scripts use hardcoded paths (/home/node/.openclaw and /usr/local/...) — adjust them to your environment or run in a controlled container. 4) Prefer using scp or an encrypted/private repo, or remove sensitive files from the agent-export before transfer. 5) Because import-agent.sh referenced in docs is missing, rely on the generated restore.sh (inspect it) or implement a controlled import process. If you plan to use this in production, test on an isolated machine and rotate any credentials after migration.

Capability Analysis

Type: OpenClaw Skill Name: agent-migrate Version: 1.0.0 The skill provides high-privilege migration and backup capabilities that involve handling sensitive agent data, including identity files and configuration secrets. A significant security vulnerability exists in `scripts/sync-github.sh`, where the `jq`-based sanitization logic incorrectly checks values instead of key names for sensitive strings (e.g., 'key', 'token'), which will fail to redact actual API keys (e.g., 'sk-...') before pushing them to a remote GitHub repository. Furthermore, the scripts perform high-risk operations such as packaging the entire agent state into `/tmp` and executing generated shell scripts (`restore.sh`), which could be exploited if the agent is manipulated via prompt injection to use an attacker-controlled repository.

Capability Assessment

ℹ Purpose & Capability

Overall the requested actions (exporting workspace, config, skills, extensions, and offering restore) align with an agent migration tool. However there are small inconsistencies: SKILL.md references scripts/import-agent.sh which is not present (the export generates a restore.sh instead), and the scripts assume a specific host path (/home/node/.openclaw) rather than using a configurable or $HOME path. These mismatches reduce clarity and could cause misexecution on hosts with different layouts.

⚠ Instruction Scope

The instructions and included sync-github.sh actively collect identity files (IDENTITY.md, MEMORY.md, etc.) and push them to a Git repository. Although docker-deploy.md and the security checklist mention sanitization, the sync script still copies long-term memory and identity files by default and only attempts a best-effort jq-based sanitization of openclaw.json. The script also attempts force-pushes. These behaviors go beyond simple filesystem copy and create a real exfiltration risk if the target repo or credentials are misconfigured.

✓ Install Mechanism

There is no install spec (instruction-only plus utility scripts), which is low risk from an automatic-install perspective. The only runtime actions are shell scripts included in the package; nothing is downloaded from arbitrary URLs by the skill itself.

⚠ Credentials

The skill declares no required environment variables but the scripts implicitly require host git credentials (SSH key or token), jq, git, and an OpenClaw installation (openclaw status). It also reads files under /home/node/.openclaw and /usr/local/lib/node_modules/openclaw — access to these paths is expected for migration, but copying identity and memory files to an external Git remote is disproportionate unless the user intentionally wants that. The export script also runs openclaw status which may reveal runtime info. The skill does not require or document credentials, so credential use is implicit and potentially surprising.

✓ Persistence & Privilege

always:false and no modifications to other skills or system-wide agent settings are requested. The export creates a restore.sh in the archive and marks it executable (normal for self-contained restore). No elevated platform privileges or 'always' persistence were requested.

Version History

v1.0.0

Initial release of agent-migrate – cross-platform migration for OpenClaw agents. - Supports exporting, transferring, and importing complete OpenClaw agent state (identity, memory, config, skills). - Enables seamless migration across servers and environments (Linux, macOS, Windows WSL, Docker). - Includes backup, rollback, and workspace syncing workflows. - Not intended for general file or non-agent data migration use cases. - Provides scripts for export/import and GitHub-based versioned deployment. - Security and platform-specific migration guidelines included.

Metadata

Slug agent-migrate

Version 1.0.0

License —

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is Agent Migrate?

Cross-platform agent migration and deployment. Use when: (1) migrating OpenClaw agent to new servers, (2) backing up and restoring agent state, (3) deploying... It is an AI Agent Skill for Claude Code / OpenClaw, with 345 downloads so far.

How do I install Agent Migrate?

Run "/install agent-migrate" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Agent Migrate free?

Yes, Agent Migrate is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Agent Migrate support?

Agent Migrate is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Agent Migrate?

It is built and maintained by haha8d (@haha8d); the current version is v1.0.0.

More Skills

Agent Migrate