← Back to Skills Marketplace
Clawdog Backup
by
Michael-crazy
· GitHub ↗
· v1.0.1
652
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install clawdog-backup
Description
狗蛋备份恢复技能。备份 OpenClaw 核心文件(SOUL.md, AGENTS.md, IDENTITY.md, USER.md, TOOLS.md)和记忆层(memory/)到 OneDrive,支持实时监控备份和定时备份,可从云端恢复。
README (SKILL.md)
ClawDog Backup
Version: 1.0.1
狗蛋备份恢复技能 — 备份和恢复 OpenClaw 的核心文件和记忆到 OneDrive。
功能
- 核心层备份:实时监控
SOUL.md,AGENTS.md,IDENTITY.md,USER.md,TOOLS.md,文件修改时自动备份 - 记忆层备份:每周定时备份
memory/目录 - 云端同步:备份自动同步到 OneDrive
/备份/OpenClaw/ - 恢复功能:从 OneDrive 恢复备份到指定目录
备份内容
| 类型 | 内容 | 触发方式 |
|---|---|---|
| 核心层 | SOUL.md, AGENTS.md, IDENTITY.md, USER.md, TOOLS.md | 文件修改实时触发 |
| 记忆层 | memory/ | 每周日 UTC 23:00 |
使用方法
备份
核心层文件修改后自动备份(需要启动 inotify 监控):
# 启动核心层监控(后台运行)
nohup /root/.openclaw/workspace/skills/clawdog-backup/scripts/backup-core.sh > /root/.openclaw/backup/inotify.log 2>&1 &
手动触发记忆层备份:
/root/.openclaw/workspace/skills/clawdog-backup/scripts/backup-memory.sh
恢复(从 OneDrive)
# 测试恢复(不覆盖)
/root/.openclaw/workspace/skills/clawdog-backup/scripts/restore.sh --all --dry-run
# 恢复核心层到工作区
/root/.openclaw/workspace/skills/clawdog-backup/scripts/restore.sh --core
# 恢复所有到工作区
/root/.openclaw/workspace/skills/clawdog-backup/scripts/restore.sh --all
恢复(从本地文件 - 新机器)
新机器无需 rclone,直接用备份文件恢复:
# 从本地文件夹恢复所有
./restore.sh --source /path/to/backup-files --all
# 从本地文件恢复核心层到指定目录
./restore.sh --source ./backup-files --core --target /tmp/restore
选项
| 选项 | 说明 |
|---|---|
--source PATH |
本地备份文件夹(不指定则从 OneDrive 恢复) |
--core |
只恢复核心层 |
--memory |
只恢复记忆层 |
--all |
恢复所有(默认) |
--date DATE |
指定日期 (YYYYMMDD) |
--target DIR |
目标目录(默认: workspace) |
--dry-run |
测试模式,不实际恢复 |
OneDrive 位置
- 路径:
OneDrive:/备份/OpenClaw/ - 文件:
goudan-core-YYYYMMDD-HHMMSS.tar.gzgoudan-memory-YYYYMMDD.tar.gz
定时任务
记忆层备份已配置为每周日 UTC 23:00 执行(通过 OpenClaw cron)。
日志
- 核心层备份日志:
/root/.openclaw/backup/core-backup.log - 记忆层备份日志:
/root/.openclaw/backup/memory-backup.log - 恢复日志:
/root/.openclaw/backup/restore.log - inotify 监控日志:
/root/.openclaw/backup/inotify.log
依赖
- rclone(已配置 OneDrive)
- inotify-tools(核心层实时监控)
- tar
注意事项
- 首次使用需要配置 rclone 和 OneDrive
- 核心层监控需要后台运行
- 恢复时默认不覆盖已存在的文件(用
cp -n)
Usage Guidance
This skill appears to do what it claims, but review and configure it carefully before use:
- Verify rclone is installed and you have a OneDrive remote named exactly 'OneDrive' (or edit the scripts/ONEDRIVE variable). The registry metadata failing to declare these binaries is an inconsistency — don't assume they exist.
- Because the backups contain sensitive core files (IDENTITY.md, USER.md, etc.), use rclone's crypt remote or other encryption to protect backups in OneDrive and ensure the OneDrive account is secured (strong auth, MFA).
- The scripts use hard-coded paths under /root/.openclaw. Run them as the intended user or update the paths to your environment to avoid accidental writes as root.
- The restore script has fairly permissive copy logic (cp -n, cp -rn) and extracts archives to a temporary dir; run --dry-run first and inspect the contents before permitting restores. Consider testing restore on an isolated environment.
- Consider running the monitor as a managed service (systemd) instead of nohup so it restarts reliably and runs under a non-root user with least privilege.
- If you need the registry to reflect the skill accurately, ask the publisher to add declared required binaries (rclone, inotify-tools, tar) to the metadata and to document OneDrive setup requirements.
If you want, I can point out exact lines to change (paths, ONEDRIVE name), suggest a minimal systemd unit, or show how to enable rclone crypt before enabling automatic backups.
Capability Analysis
Type: OpenClaw Skill
Name: clawdog-backup
Version: 1.0.1
The OpenClaw skill provides legitimate backup and restore functionality for core OpenClaw files and memory to OneDrive. However, the `scripts/restore.sh` script is vulnerable to a path traversal/tarbomb attack. When restoring from a user-specified local source (`--source`), the `tar -xzf` command extracts the archive to a temporary directory. A malicious archive could contain paths designed to write files outside this temporary directory during extraction, potentially leading to arbitrary file writes on the system. While the `cp -n` commands mitigate the final copy step, the initial extraction itself poses a risk.
Capability Assessment
Purpose & Capability
Skill name/description, SKILL.md, and the included scripts all align: they monitor OpenClaw core files and back up the memory directory to a OneDrive remote. However, the registry metadata declares no required binaries while the SKILL.md and scripts explicitly depend on rclone, inotifywait (inotify-tools) and tar — this mismatch is inconsistent and should be corrected.
Instruction Scope
Runtime instructions and scripts operate on the intended paths (workspace files and memory/) and only send data to the configured OneDrive remote via rclone. No instructions ask the agent to read unrelated system credentials or exfiltrate data to unexpected endpoints. Notes: scripts use absolute paths under /root/.openclaw, assume a remote named 'OneDrive' is configured, and instruct starting a background inotify process (nohup).
Install Mechanism
No install spec is present (instruction-only), and the included scripts run locally without downloading code from external/unknown URLs. This is lower risk than a networked installer. The skill will still write logs and temporary archives under /root/.openclaw/backup when run.
Credentials
The skill declares no required env vars/credentials, which is reasonable because it relies on rclone's existing config for OneDrive. However, rclone's configuration contains access tokens/credentials — the SKILL.md assumes the user has a configured OneDrive remote named 'OneDrive' but the skill does not explicitly document or request that configuration. Also the backups include sensitive core files (IDENTITY.md, USER.md, etc.), so requiring a cloud remote without recommending encryption or access controls is an operational/privacy concern.
Persistence & Privilege
always is false and the skill does not request to auto-enable itself system-wide. The scripts are intended to be started manually (nohup) or scheduled; nothing in the package attempts to modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawdog-backup - After installation, invoke the skill by name or use
/clawdog-backup - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
新增本地恢复功能,支持从本地备份文件恢复,无需 rclone
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Clawdog Backup?
狗蛋备份恢复技能。备份 OpenClaw 核心文件(SOUL.md, AGENTS.md, IDENTITY.md, USER.md, TOOLS.md)和记忆层(memory/)到 OneDrive,支持实时监控备份和定时备份,可从云端恢复。 It is an AI Agent Skill for Claude Code / OpenClaw, with 652 downloads so far.
How do I install Clawdog Backup?
Run "/install clawdog-backup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Clawdog Backup free?
Yes, Clawdog Backup is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Clawdog Backup support?
Clawdog Backup is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Clawdog Backup?
It is built and maintained by Michael-crazy (@michael-crazy); the current version is v1.0.1.
More Skills