← Back to Skills Marketplace
OpenClaw Migrator
by
wenjie2024
· GitHub ↗
· v1.0.0
1596
Downloads
1
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-migrator
Description
Securely migrate OpenClaw Agent (config, memory, skills) to a new machine.
Usage Guidance
This skill appears to implement what it claims, but review before running: 1) Source metadata lacks a homepage — prefer to install from a known/trusted repository or release tag. 2) The tool will read your HOME/.openclaw and HOME/clawd by default and will include sensitive files (openclaw.json, any tokens) in the encrypted archive — verify what is being packaged or exclude files you don't want migrated. 3) The code uses a password (CLI --password or MIGRATOR_PASSWORD env var) but the registry didn't declare required env vars — be explicit when running (pass a strong password via --password). 4) There are developer/test CLI drivers in archive.js and restore.js that operate on test-data; they require MIGRATOR_PASSWORD and are harmless if not executed, but avoid running unknown scripts directly. 5) Always verify the archive on the target machine before restoring and keep a backup of the current target data. If you want higher assurance, ask the publisher for an official release URL, checksum-signed artifacts, or run the tool in an isolated environment first.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-migrator
Version: 1.0.0
The OpenClaw Migrator skill bundle is designed to securely export and import OpenClaw agent data (config, memory, skills) between machines. It uses AES-256-GCM encryption for confidentiality and integrity, and handles sensitive data like `openclaw.json` by encrypting it into a local archive. All file system operations and environment variable access (e.g., `process.env.HOME`, `process.env.MIGRATOR_PASSWORD`) are directly aligned with its stated purpose. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in `SKILL.md` or `README.md`. The `package.json` even includes a `scan` script to detect API keys, indicating a security-conscious approach.
Capability Assessment
Purpose & Capability
The name/description (migrate OpenClaw agent config, memory, skills) match the code: createArchive/restoreArchive implement tar packaging and AES-256-GCM encryption, include a manifest, and fix workspace paths on restore. Dependency choices (archiver, tar, fs-extra) are appropriate for the stated task.
Instruction Scope
SKILL.md usage (export/import with a password) aligns with the CLI implemented in src/index.js. The skill will read .openclaw and clawd directories (by default HOME-based paths) and will package whatever is present there — including sensitive files like openclaw.json and tokens, which the README and SKILL.md explicitly mention. Two source files (src/archive.js and src/restore.js) also include small standalone CLI drivers that operate on test-data paths; these are developer/test artifacts and not part of the main index.js CLI but they do require MIGRATOR_PASSWORD when invoked directly.
Install Mechanism
There is no install spec in the registry (instruction-only), but a package.json and source are included. The dependencies are standard npm packages; there are no remote downloads or URL-based installers. README suggests cloning from GitHub, but the registry entry has no homepage — you should obtain a canonical release if you plan to install.
Credentials
The registry metadata declares no required env vars, but the code (and SKILL.md) expects a password via --password or the MIGRATOR_PASSWORD environment variable. Additionally, several files read from the user's HOME (.openclaw, clawd) and the tool will write files to the destination directory; these are expected for migration but are sensitive operations. The discrepancy between declared env requirements (none) and actual code usage (MIGRATOR_PASSWORD) is a mismatch to note.
Persistence & Privilege
The skill does not request permanent platform-wide privileges (always:false). It will read files under user HOME and write extracted files into the chosen destination — expected behavior for a migration tool. Autonomous invocation is allowed by default (platform normal) but there is no evidence the skill attempts to modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-migrator - After installation, invoke the skill by name or use
/openclaw-migrator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
🚀 Initial Release
✅ AES-256-GCM encryption with integrity verification
✅ Structured headers for forward compatibility
✅ Automatic path mapping with embedded manifest
✅ Self-healing restore with validation
Migrate your OpenClaw agent (config, keys, memory, soul) between machines losslessly.
Metadata
Frequently Asked Questions
What is OpenClaw Migrator?
Securely migrate OpenClaw Agent (config, memory, skills) to a new machine. It is an AI Agent Skill for Claude Code / OpenClaw, with 1596 downloads so far.
How do I install OpenClaw Migrator?
Run "/install openclaw-migrator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Migrator free?
Yes, OpenClaw Migrator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Migrator support?
OpenClaw Migrator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Migrator?
It is built and maintained by wenjie2024 (@wenjie2024); the current version is v1.0.0.
More Skills