← Back to Skills Marketplace
clawd-migrate
by
calabiyauman
· GitHub ↗
· v0.2.1
664
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install clawdmigrate
Description
Migrate moltbot or clawdbot assets to openclaw by discovering, backing up, migrating, verifying files, and reinstalling openclaw automatically.
README (SKILL.md)
clawd-migrate\r
\r Migrate from moltbot or clawdbot to openclaw. Preserves config, memory, and clawdbook (Moltbook) data safely on any system.\r \r
What it does\r
\r
- Discovers existing bot assets (memory files, config, clawdbook/Moltbook credentials)\r
- Backs up everything into a timestamped folder before any changes\r
- Migrates files into the openclaw layout:
memory/,.config/openclaw/,.config/clawdbook/\r - Verifies every source file was copied to its destination (existence + size match)\r
- Reinstalls openclaw (
npm i -g openclaw) and runsopenclaw onboardautomatically\r \r
Quick start\r
\r
npx clawd-migrate\r
```\r
\r
Interactive menu walks you through: Discover -> Backup -> Migrate -> Verify -> Reinstall openclaw.\r
\r
## CLI commands\r
\r
```bash\r
clawd-migrate # Interactive menu (default)\r
clawd-migrate discover [--root PATH]\r
clawd-migrate backup [--root PATH]\r
clawd-migrate migrate [--root PATH] [--no-backup] [--output PATH] [--setup-openclaw]\r
```\r
\r
## Requirements\r
\r
- Node.js 14+\r
- Python 3.x\r
\r
## What gets migrated\r
\r
- **Memory/identity:** SOUL.md, USER.md, TOOLS.md, IDENTITY.md, AGENTS.md, MEMORY.md\r
- **Config:** `.config/moltbook/`, `.config/moltbot/`\r
- **Clawdbook/Moltbook:** Kept under `.config/clawdbook/` (credentials, API keys)\r
- **Extra:** `projects/` (if present)\r
\r
## Tags\r
\r
migration, openclaw, moltbot, clawdbot, clawdbook, moltbook, backup, verify\r
Usage Guidance
This package appears to do what it says: discover your bot files, create a timestamped backup, copy memory/config/credential files into an openclaw layout, and verify copies. Before running it: 1) Review and trust the destination (it will duplicate any credentials found under .config/moltbook or .config/moltbot into backups and .config/clawdbook). 2) Run it in a safe/test environment first (use a temporary directory) to inspect the backup manifest and confirm what will be copied. 3) If you do not want the tool to install software from the network, avoid the post-migration install/onboard step (use the CLI/TUI options that skip setup) — note the docs are inconsistent about automatic install; the migration code does not itself call the installer, but the interactive flow or flags may. 4) Because the repository metadata (homepage/repo URL empty) and versions are slightly inconsistent, prefer to inspect the package source you plan to run (the files here are included) and, if using npm, prefer installing from a known author/repo. If you need further certainty, run the tool inside an isolated/containerized environment and inspect the created backups/_manifest.txt before deleting or moving any originals.
Capability Analysis
Type: OpenClaw Skill
Name: clawdmigrate
Version: 0.2.1
The skill is classified as suspicious due to its use of `subprocess.run(shell=True)` in `openclaw_setup.py` and `spawnSync(shell: true)` in `bin/clawd-migrate.js` for executing external commands like `npm install -g openclaw` and `openclaw onboard`. While these commands are hardcoded and directly align with the skill's stated purpose of migrating to and setting up OpenClaw, the use of `shell=True` is a known vulnerability pattern that can lead to shell injection if not handled with extreme care, even if the immediate exploit path is mitigated by hardcoded commands. Additionally, performing a global `npm install` is a high-privilege action that modifies the system's global environment. There is no evidence of intentional malicious behavior such as data exfiltration, persistence, or obfuscation; all actions are explicitly documented in `SKILL.md` and other documentation files.
Capability Assessment
Purpose & Capability
The name and SKILL.md describe migrating moltbot/clawdbot assets to an openclaw layout; the included Python and Node wrapper code implements discovery, backup, copy, verification, and an optional post-setup. Required env/credentials are none and required binaries are Python/Node/npm which match the described functionality. Minor metadata inconsistencies: registry metadata said "instruction-only" but the package contains implementation files; package.json version (0.2.0) differs from registry version 0.2.1; homepage/repository URL empty — these are bookkeeping issues but not functional red flags.
Instruction Scope
The runtime instructions and code scan the chosen root for files including .config/moltbook and .config/moltbot and will copy credential files (credentials.json / clawdbook data) into the target .config/clawdbook and into backups. That behaviour is expected for a migration tool, but it means secrets stored in those config files will be read and duplicated on disk. Documentation contains mixed wording about whether reinstalling openclaw runs automatically or is user-prompted; the migration code (run_migration) does not itself run openclaw install/onboard, so the docs overstate automatic behavior in places — the TUI or explicit flag is the likely trigger for install-onboard.
Install Mechanism
No install spec is embedded in the skill registry entry, and the package is designed for npm distribution (bin wrapper + scripts/copy-py.js). There are no external download URLs or extract steps in the bundle. The tool can run `npm install -g openclaw` (via subprocess) which fetches code from the npm registry — expected given the stated purpose. No obscure or high-risk install hosts are used in the provided files.
Credentials
The skill declares no required environment variables or credentials, which aligns with the code. However, the code intentionally reads and copies local configuration/credential files (e.g., .config/moltbook/credentials.json) and places them into backups and the openclaw target layout. This is proportionate to a migration tool, but users should understand that secret API keys/credentials present in those paths will be duplicated on disk. The Node wrapper sets PYTHONPATH to the packaged lib for execution — normal for this packaging approach.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or global agent config. It writes files to disk (backups and migrated copies) and invokes subprocesses (npm/openclaw) — expected for a migration utility. Use of shell=True for subprocesses is present to match user PATH, which is intentional for locating npm/openclaw on different platforms but means the commands run in the user's shell environment.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawdmigrate - After installation, invoke the skill by name or use
/clawdmigrate - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.1
v0.2.1: Post-migration file verification and automatic openclaw reinstall
Metadata
Frequently Asked Questions
What is clawd-migrate?
Migrate moltbot or clawdbot assets to openclaw by discovering, backing up, migrating, verifying files, and reinstalling openclaw automatically. It is an AI Agent Skill for Claude Code / OpenClaw, with 664 downloads so far.
How do I install clawd-migrate?
Run "/install clawdmigrate" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is clawd-migrate free?
Yes, clawd-migrate is completely free (open-source). You can download, install and use it at no cost.
Which platforms does clawd-migrate support?
clawd-migrate is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created clawd-migrate?
It is built and maintained by calabiyauman (@calabiyauman); the current version is v0.2.1.
More Skills