Description

一键恢复 OpenClaw 数据，支持加密和未加密备份，自动备份旧数据并重启服务确保恢复成功。

README (SKILL.md)

OpenClaw 恢复 Skill

Name: Openclaw Restore
Author: halaoluan

从备份文件一键恢复 OpenClaw 数据，支持加密和未加密备份。

使用场景

触发词	操作
"恢复 OpenClaw"	从备份恢复数据
"恢复最新备份"	自动选择最新备份恢复
"恢复加密备份"	解密并恢复
"列出可恢复的备份"	显示所有备份

核心脚本

1. 恢复脚本（未加密备份）

位置：scripts/restore.sh

#!/bin/bash
set -euo pipefail

if [ $# -lt 1 ]; then
    echo "用法: $0 /path/to/openclaw_backup_xxx.tar.gz"
    exit 1
fi

ARCHIVE="$1"
RESTORE_TMP="/tmp/openclaw_restore_$(date +"%Y-%m-%d_%H-%M-%S")"

if [ ! -f "$ARCHIVE" ]; then
    echo "❌ 备份文件不存在: $ARCHIVE"
    exit 1
fi

# 验证校验文件
if [ -f "$ARCHIVE.sha256" ]; then
    echo "🔐 验证备份完整性..."
    if ! shasum -c "$ARCHIVE.sha256"; then
        echo "❌ 校验失败！备份文件可能已损坏。"
        echo "是否仍要继续？[y/N]"
        read -p "> " CONFIRM
        if [ "$CONFIRM" != "y" ] && [ "$CONFIRM" != "Y" ]; then
            exit 1
        fi
    fi
    echo "✓ 校验通过"
fi

mkdir -p "$RESTORE_TMP"

echo "📦 解压备份文件..."
tar -xzf "$ARCHIVE" -C "$RESTORE_TMP"

echo "🐈‍⬛ 开始恢复..."

# 停止OpenClaw
if command -v openclaw >/dev/null 2>&1; then
    echo "⏸  停止 OpenClaw 网关..."
    openclaw gateway stop 2>/dev/null || true
    sleep 2
fi

# 备份当前数据（以防万一）
if [ -d "$HOME/.openclaw" ]; then
    BACKUP_OLD="$HOME/.openclaw.backup.$(date +"%Y%m%d_%H%M%S")"
    echo "💾 备份当前数据到: $BACKUP_OLD"
    mv "$HOME/.openclaw" "$BACKUP_OLD"
fi

# 恢复
if [ -d "$RESTORE_TMP/.openclaw" ]; then
    cp -a "$RESTORE_TMP/.openclaw" "$HOME/"
    echo "✓ 已恢复: ~/.openclaw"
fi

if [ -d "$RESTORE_TMP/.clawdbot" ]; then
    cp -a "$RESTORE_TMP/.clawdbot" "$HOME/"
    echo "✓ 已恢复: ~/.clawdbot"
fi

rm -rf "$RESTORE_TMP"

# 修复检查
if command -v openclaw >/dev/null 2>&1; then
    echo "🔧 执行修复检查..."
    openclaw doctor || true
    echo "▶️  重启 OpenClaw 网关..."
    openclaw gateway restart || true
    sleep 3
    openclaw status || true
fi

echo ""
echo "✅ 恢复完成！"
echo ""
echo "建议立即测试："
echo "1. OpenClaw 是否能正常启动"
echo "2. 记忆是否还在"
echo "3. 渠道登录状态是否保留"
echo "4. API 配置是否正常"
echo ""
if [ -n "${BACKUP_OLD:-}" ]; then
    echo "旧数据已备份到: $BACKUP_OLD"
    echo "确认恢复成功后可删除: rm -rf $BACKUP_OLD"
fi

2. 恢复加密备份

位置：scripts/restore_encrypted.sh

#!/bin/bash
set -euo pipefail

if [ $# -lt 1 ]; then
    echo "用法: $0 /path/to/openclaw_backup_xxx.tar.gz.enc"
    exit 1
fi

ENCRYPTED_ARCHIVE="$1"
RESTORE_TMP="/tmp/openclaw_restore_$(date +"%Y-%m-%d_%H-%M-%S")"
DECRYPTED_ARCHIVE="$RESTORE_TMP/backup.tar.gz"

if [ ! -f "$ENCRYPTED_ARCHIVE" ]; then
    echo "❌ 加密备份不存在: $ENCRYPTED_ARCHIVE"
    exit 1
fi

# 验证校验
if [ -f "$ENCRYPTED_ARCHIVE.sha256" ]; then
    echo "🔐 验证备份完整性..."
    if ! shasum -c "$ENCRYPTED_ARCHIVE.sha256"; then
        echo "❌ 校验失败！"
        exit 1
    fi
    echo "✓ 校验通过"
fi

mkdir -p "$RESTORE_TMP"

# 输入密码
if [ -z "${OPENCLAW_BACKUP_PASSWORD:-}" ]; then
    echo "请输入备份密码:"
    read -s BACKUP_PASSWORD
    echo ""
else
    BACKUP_PASSWORD="$OPENCLAW_BACKUP_PASSWORD"
fi

# 解密
echo "🔓 解密中..."
if ! openssl enc -aes-256-cbc -d -pbkdf2 -iter 100000 \
    -in "$ENCRYPTED_ARCHIVE" \
    -out "$DECRYPTED_ARCHIVE" \
    -pass pass:"$BACKUP_PASSWORD"; then
    echo "❌ 解密失败！密码错误或文件已损坏。"
    rm -rf "$RESTORE_TMP"
    exit 1
fi

echo "✓ 解密成功"

# 解压
echo "📦 解压备份..."
tar -xzf "$DECRYPTED_ARCHIVE" -C "$RESTORE_TMP"

echo "🐈‍⬛ 开始恢复..."

# 停止OpenClaw
if command -v openclaw >/dev/null 2>&1; then
    echo "⏸  停止网关..."
    openclaw gateway stop 2>/dev/null || true
    sleep 2
fi

# 备份当前数据
if [ -d "$HOME/.openclaw" ]; then
    BACKUP_OLD="$HOME/.openclaw.backup.$(date +"%Y%m%d_%H%M%S")"
    echo "💾 备份当前数据到: $BACKUP_OLD"
    mv "$HOME/.openclaw" "$BACKUP_OLD"
fi

# 恢复
if [ -d "$RESTORE_TMP/.openclaw" ]; then
    cp -a "$RESTORE_TMP/.openclaw" "$HOME/"
    echo "✓ 已恢复: ~/.openclaw"
fi

if [ -d "$RESTORE_TMP/.clawdbot" ]; then
    cp -a "$RESTORE_TMP/.clawdbot" "$HOME/"
    echo "✓ 已恢复: ~/.clawdbot"
fi

rm -rf "$RESTORE_TMP"

# 修复检查
if command -v openclaw >/dev/null 2>&1; then
    echo "🔧 执行修复检查..."
    openclaw doctor || true
    echo "▶️  重启网关..."
    openclaw gateway restart || true
    sleep 3
    openclaw status || true
fi

echo ""
echo "✅ 恢复完成！"
echo ""
if [ -n "${BACKUP_OLD:-}" ]; then
    echo "旧数据已备份到: $BACKUP_OLD"
    echo "确认恢复成功后可删除: rm -rf $BACKUP_OLD"
fi

3. 恢复最新备份

位置：scripts/restore_latest.sh

#!/bin/bash
set -euo pipefail

BACKUP_ROOT="${OPENCLAW_BACKUP_DIR:-$HOME/Desktop/OpenClaw_Backups}"

echo "🐈‍⬛ 恢复最新备份"
echo "备份目录: $BACKUP_ROOT"
echo ""

if [ ! -d "$BACKUP_ROOT" ]; then
    echo "❌ 备份目录不存在"
    exit 1
fi

cd "$BACKUP_ROOT"

# 查找最新备份（优先加密）
LATEST_ENCRYPTED=$(ls -t openclaw_backup_*.tar.gz.enc 2>/dev/null | head -1)
LATEST_PLAIN=$(ls -t openclaw_backup_*.tar.gz 2>/dev/null | grep -v ".enc" | head -1)

if [ -n "$LATEST_ENCRYPTED" ]; then
    echo "发现最新加密备份: $LATEST_ENCRYPTED"
    LATEST="$BACKUP_ROOT/$LATEST_ENCRYPTED"
    SCRIPT="restore_encrypted.sh"
elif [ -n "$LATEST_PLAIN" ]; then
    echo "发现最新备份: $LATEST_PLAIN"
    LATEST="$BACKUP_ROOT/$LATEST_PLAIN"
    SCRIPT="restore.sh"
else
    echo "❌ 未找到备份文件"
    exit 1
fi

echo ""
echo "确认恢复？[y/N]"
read -p "> " CONFIRM

if [ "$CONFIRM" != "y" ] && [ "$CONFIRM" != "Y" ]; then
    echo "取消恢复"
    exit 0
fi

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
bash "$SCRIPT_DIR/$SCRIPT" "$LATEST"

4. 列出可恢复的备份

位置：scripts/list_restoreable.sh

#!/bin/bash
set -euo pipefail

BACKUP_ROOT="${OPENCLAW_BACKUP_DIR:-$HOME/Desktop/OpenClaw_Backups}"

echo "🐈‍⬛ 可恢复的备份列表"
echo "位置: $BACKUP_ROOT"
echo ""

if [ ! -d "$BACKUP_ROOT" ]; then
    echo "❌ 备份目录不存在"
    exit 1
fi

cd "$BACKUP_ROOT"

COUNT=0

ls -lt openclaw_backup_*.tar.gz* 2>/dev/null | grep -v ".sha256" | while read -r line; do
    COUNT=$((COUNT + 1))
    SIZE=$(echo "$line" | awk '{print $5}')
    DATE=$(echo "$line" | awk '{print $6, $7, $8}')
    FILE=$(echo "$line" | awk '{print $9}')
    
    if [[ "$FILE" == *.enc ]]; then
        TYPE="🔐 加密"
        RESTORE_CMD="bash ~/.openclaw/skills/openclaw-restore/scripts/restore_encrypted.sh \"$BACKUP_ROOT/$FILE\""
    else
        TYPE="📂 普通"
        RESTORE_CMD="bash ~/.openclaw/skills/openclaw-restore/scripts/restore.sh \"$BACKUP_ROOT/$FILE\""
    fi
    
    echo "[$COUNT] $FILE"
    echo "    类型: $TYPE | 大小: $SIZE | 日期: $DATE"
    echo "    恢复: $RESTORE_CMD"
    echo ""
done

echo "快速恢复最新备份："
echo "  bash ~/.openclaw/skills/openclaw-restore/scripts/restore_latest.sh"

使用方法

方式1：直接调用脚本

# 恢复普通备份
bash ~/.openclaw/skills/openclaw-restore/scripts/restore.sh \
  ~/Desktop/OpenClaw_Backups/openclaw_backup_2026-03-13_20-00-00.tar.gz

# 恢复加密备份
bash ~/.openclaw/skills/openclaw-restore/scripts/restore_encrypted.sh \
  ~/Desktop/OpenClaw_Backups/openclaw_backup_2026-03-13_20-00-00.tar.gz.enc

# 恢复最新备份
bash ~/.openclaw/skills/openclaw-restore/scripts/restore_latest.sh

# 列出可恢复备份
bash ~/.openclaw/skills/openclaw-restore/scripts/list_restoreable.sh

方式2：通过 OpenClaw 调用

当用户说：

"恢复 OpenClaw" → 执行 restore_latest.sh
"列出备份" → 执行 list_restoreable.sh
"恢复这个备份 [文件路径]" → 执行对应 restore 脚本

恢复后检查清单

✅ 必检项目

网关状态
```
openclaw status
```
配置验证
```
openclaw doctor
```
记忆文件
```
cat ~/.openclaw/workspace/MEMORY.md
```
渠道登录
- Telegram Bot 是否在线
- WeChat 是否需要重新扫码

API 配置

cat ~/.openclaw/config.yaml | grep -A5 "model:"

灾难恢复流程

场景：macOS 完全重装

第1步：安装 OpenClaw

# 安装 Node.js
brew install node

# 安装 OpenClaw
npm install -g openclaw

第2步：恢复备份

# 从云盘/移动硬盘拷贝备份文件
cp /Volumes/External/openclaw_backup_*.tar.gz.enc ~/Desktop/

# 恢复
bash ~/.openclaw/skills/openclaw-restore/scripts/restore_encrypted.sh \
  ~/Desktop/openclaw_backup_2026-03-13_20-00-00.tar.gz.enc

第3步：验证

openclaw doctor
openclaw gateway restart
openclaw status

故障排查

问题1：解密失败

症状：bad decrypt

原因：密码错误或文件损坏

解决：

确认密码正确
验证备份完整性：shasum -c backup.tar.gz.enc.sha256
尝试恢复更早的备份

问题2：恢复后网关无法启动

症状：openclaw gateway start 失败

解决：

# 检查配置
openclaw doctor

# 查看日志
tail -f ~/.openclaw/logs/gateway.log

# 重置配置（谨慎）
mv ~/.openclaw/config.yaml ~/.openclaw/config.yaml.broken
openclaw gateway start

问题3：权限问题

症状：Permission denied

解决：

# 修复权限
chmod -R 755 ~/.openclaw
chmod 600 ~/.openclaw/config.yaml

最佳实践

1. 恢复前备份当前数据

脚本会自动备份到 ~/.openclaw.backup.YYYYMMDD_HHMMSS

2. 验证备份完整性

恢复前务必检查 SHA256：

shasum -c backup.tar.gz.sha256

3. 小范围测试

可以先恢复到临时位置测试：

tar -xzf backup.tar.gz -C /tmp/test_restore

4. 渠道重新登录

某些渠道（如 WeChat）可能需要重新扫码登录

参考

Usage Guidance

This skill's code looks like a straightforward OpenClaw restore tool, but there are a few red flags you should address before installing or running it: - Inspect the scripts locally line-by-line (restore.sh, restore_encrypted.sh, restore_latest.sh). They will move/overwrite ~/.openclaw and related data; ensure you trust the source. - The package metadata does not declare required binaries or env vars, but the scripts use openssl, tar, shasum, and optionally OPENCLAW_BACKUP_PASSWORD and OPENCLAW_BACKUP_DIR. Make sure those tools exist and avoid putting sensitive passwords in plaintext env vars. - SKILL.md contained a prompt-injection (unicode-control-chars) signal — open the file in a hex-capable editor to confirm there are no hidden control characters or malicious invisible sequences. - SKILL.md references a list_restoreable script, but that script is not present in the file manifest; confirm the distributor's repository or request a corrected package. - Because these scripts are destructive (they move and copy your config), test on a non-production machine or with copies of your backups first. Keep an independent copy of your current ~/.openclaw before running. - Prefer to run the included scripts manually rather than allowing an agent to invoke them autonomously until you've verified behavior. If the author/publisher is trusted and you verify the above, the functionality itself is consistent with the stated purpose. If you cannot verify the files or find hidden characters, do not run the scripts.

Capability Analysis

Type: OpenClaw Skill Name: halaoluan-openclaw-restore Version: 1.0.0 The openclaw-restore skill bundle is a legitimate utility for restoring OpenClaw data from local backups. The core scripts (restore.sh, restore_encrypted.sh) implement standard recovery procedures, including SHA256 integrity verification, AES-256 decryption via OpenSSL, and safety backups of existing data before overwriting. No evidence of data exfiltration, malicious execution, or prompt injection was found; the tool's behavior is transparent and aligns with its stated purpose of disaster recovery.

Capability Assessment

ℹ Purpose & Capability

The name/description match the provided scripts: they stop the OpenClaw gateway, decrypt (optional), validate, back up current data, and restore ~/.openclaw and ~/.clawdbot. However, the skill declares no required binaries/env vars while the scripts clearly expect tools (openssl, tar, shasum) and optional env vars (OPENCLAW_BACKUP_PASSWORD, OPENCLAW_BACKUP_DIR). That mismatch is a packaging inconsistency.

✓ Instruction Scope

The runtime instructions and included scripts stay within the stated purpose: they read backups, optionally prompt for a password or read OPENCLAW_BACKUP_PASSWORD, extract archives to /tmp, move and overwrite user data in $HOME (~/.openclaw), and call openclaw commands. Those actions are expected for a restore tool, but note they perform destructive filesystem operations (mv and cp over ~/.openclaw) — the scripts do create a timestamped backup of existing data and prompt for confirmation in restore_latest.sh and on checksum failure.

✓ Install Mechanism

This is an instruction-and-script-only skill (no install spec). No network download/install steps are embedded, so nothing arbitrary will be fetched at install time. The lack of an install mechanism limits extra risk, but it also means the user-provided environment must supply required tools.

⚠ Credentials

The skill package does not declare required environment variables or binaries, yet scripts reference OPENCLAW_BACKUP_PASSWORD and OPENCLAW_BACKUP_DIR and call shasum/openssl/tar/openclaw. Requesting a backup password via an env var (OPENCLAW_BACKUP_PASSWORD) is functional but sensitive; the README even suggests storing the password in plaintext env vars (not recommended). The omission of these requirements from metadata is an inconsistency that could mislead users about what sensitive data might be used.

✓ Persistence & Privilege

The skill does not request permanent/always inclusion (always: false) and allows normal autonomous invocation. It does not modify other skills or global agent settings. Autonomous invocation is the platform default and not a standalone concern here.

Version History

v1.0.0

Initial release: One-click restore, encrypted backup support, disaster recovery guide

Metadata

Slug halaoluan-openclaw-restore

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Openclaw Restore?

一键恢复 OpenClaw 数据，支持加密和未加密备份，自动备份旧数据并重启服务确保恢复成功。 It is an AI Agent Skill for Claude Code / OpenClaw, with 279 downloads so far.

How do I install Openclaw Restore?

Run "/install halaoluan-openclaw-restore" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Restore free?

Yes, Openclaw Restore is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Openclaw Restore support?

Openclaw Restore is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Openclaw Restore?

It is built and maintained by halaoluan (@halaoluan); the current version is v1.0.0.

More Skills

Openclaw Restore