← Back to Skills Marketplace

Migrator

Name: Migrator
Author: wenjie2024

by wenjie2024 · GitHub ↗ · v1.1.0

cross-platform ✓ Security Clean

1718

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install migrator

Description

Securely migrate OpenClaw Agent (config, memory, skills) to a new machine.

README (SKILL.md)

OpenClaw Migrator

A utility to package an Agent's state into a portable, encrypted archive (.oca) for migration.

Features

Encrypted Archive: Uses AES-256-GCM + auth tag for confidentiality and integrity.
Path Normalization: Restores workspace path using manifest.json metadata.
Dependency Manifest: Captures system dependencies (Brewfile) to ensure the new environment matches.

Usage

Export (On Old Machine)

migrator export --out my-agent.oca --password "secret"

Import (On New Machine)

migrator import --in my-agent.oca --password "secret"

Security

This skill handles sensitive data (openclaw.json, auth.token). The export process always requires a password to encrypt the archive. Unencrypted exports are disabled by design.

Usage Guidance

This package appears to implement a local, encrypted migration utility and is internally consistent. Before installing or running it: 1) Verify the source — no homepage/repository is listed in the registry metadata, so prefer obtaining it from a trusted repo if possible. 2) Inspect the package.json and source (already included) and prefer running it in a non-privileged account. 3) Use a strong password when exporting archives and keep backups of originals until a successful test restore is completed. 4) If you run npm install to enable the CLI, be aware that npm will fetch third-party dependencies (archiver, tar, fs-extra, commander) — only install if you trust those packages and your network. 5) The test/mock data includes a placeholder API key — ensure you do not accidentally import test data into a production config. Overall: coherent and matches its stated purpose, but exercise the usual caution installing/running code from an unknown publisher.

Capability Analysis

Type: OpenClaw Skill Name: migrator Version: 1.1.0 The OpenClaw Migrator skill is designed to securely package and restore OpenClaw agent data. It implements strong security measures, including AES-256-GCM encryption with `scrypt` for key derivation (`src/archive.js`, `src/restore.js`), and explicit path traversal protection during archive extraction (`src/restore.js`). The skill's instructions in `SKILL.md` and `README.md` are purely descriptive and do not contain any prompt injection attempts. All file operations are local and aligned with the stated purpose of migrating agent configurations and data, with no evidence of data exfiltration, malicious execution, persistence, or obfuscation.

Capability Assessment

✓ Purpose & Capability

Name/description claim to migrate OpenClaw agent state; code implements exporting ~/.openclaw and ~/.clawdbot, building an encrypted archive, and restoring with path healing. Requested resources (home paths, optional MIGRATOR_PASSWORD) match that purpose.

✓ Instruction Scope

SKILL.md simply documents export/import usage and notes sensitive files. Runtime code reads local agent files, writes an encrypted archive, and restores locally — no instructions or code to read unrelated system locations, call external endpoints, or exfiltrate data.

ℹ Install Mechanism

There is no install spec in the registry (instruction-only), yet the package includes full Node.js source and package.json. That is not dangerous by itself but means the tool needs npm/node to run; if you install it locally you will run npm install which fetches listed dependencies (archiver, tar, fs-extra, commander) from npm.

✓ Credentials

The tool uses only local environment (HOME, optional MIGRATOR_PASSWORD or --password). It does not request unrelated API keys, tokens, or cloud credentials. The included test/mock files contain a dummy API key for testing only.

✓ Persistence & Privilege

Skill does not request permanent/always-on presence. CLI drivers present in files run only when executed directly; there is no code that attempts to modify other skills or global agent config.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install migrator
After installation, invoke the skill by name or use /migrator
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.1.0

- Added SKILL.md documentation detailing migrator usage, security features, and capabilities. - Emphasized strong encryption (AES-256-GCM) for all exported agent archives. - Outlined support for path normalization and automated capture of system dependencies via Brewfile. - Clarified that exports always require a password; unencrypted exports are not allowed.

Metadata

Slug migrator

Version 1.1.0

License —

All-time Installs 2

Active Installs 2

Total Versions 1

Frequently Asked Questions

What is Migrator?

Securely migrate OpenClaw Agent (config, memory, skills) to a new machine. It is an AI Agent Skill for Claude Code / OpenClaw, with 1718 downloads so far.

How do I install Migrator?

Run "/install migrator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Migrator free?

Yes, Migrator is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Migrator support?

Migrator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Migrator?

It is built and maintained by wenjie2024 (@wenjie2024); the current version is v1.1.0.

More Skills