← 返回 Skills 市场
zurbrick

Openclaw Backup

作者 Don Zurbrick · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ⚠ suspicious
234
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install agent-backup
功能描述
Encrypted backup and restore for OpenClaw agents. Two-tier archives: operational data safe for cloud storage, secrets encrypted with age for local recovery....
使用说明 (SKILL.md)

🔐 Agent Backup

One command to backup. One command to restore. Everything encrypted, verified, and rollback-safe.

Quick Start

# Backup (operational only — safe for cloud)
bash {baseDir}/scripts/backup.sh

# Backup with encrypted secrets
bash {baseDir}/scripts/backup.sh --include-secrets --age-recipient age1...

# Verify
bash {baseDir}/scripts/verify.sh --manifest \x3Cpath>/manifest.json --archive \x3Cpath>/backup.tar.gz

# Restore (dry-run first)
bash {baseDir}/scripts/restore.sh --manifest \x3Cpath>/manifest.json --archive \x3Cpath>/backup.tar.gz --dry-run

# Restore for real
bash {baseDir}/scripts/restore.sh --manifest \x3Cpath>/manifest.json --archive \x3Cpath>/backup.tar.gz

# Push to GitHub (operational only, secrets blocked if unencrypted)
bash {baseDir}/scripts/push-to-github.sh --manifest \x3Cpath>/manifest.json --archive \x3Cpath>/backup.tar.gz

# Schedule daily 4 AM backups
bash {baseDir}/scripts/schedule.sh

Two-Tier Archive Model

Tier Contents Cloud safe? Encrypted?
Operational Workspace, redacted config, crons ✅ Yes No (no secrets)
Secrets .env, agent auth profiles ❌ Local only ✅ Required (age)

Default: operational only. Secrets are opt-in via --include-secrets.

Restore Safety

Restore uses a 7-step safety flow:

  1. Verify manifest checksums
  2. Extract to staging (not live directory)
  3. Verify critical files in staging
  4. Backup current state to .pre-restore-backup-TIMESTAMP
  5. Atomic swap
  6. Health check (pre-restart-check.sh if available)
  7. Auto-rollback on failure

Flags: --dry-run (preview only), --force (non-interactive)

Prerequisites

  • age for secrets encryption: brew install age or apt install age
  • gh for GitHub push (optional): brew install gh

Configuration

Set encryption via environment or flags:

# Environment
export AGE_RECIPIENT="age1your_public_key"
export AGE_PASSPHRASE_FILE="/path/to/passphrase"

# Or flags
bash {baseDir}/scripts/backup.sh --include-secrets --age-recipient age1...

Workflows

  • bash {baseDir}/scripts/weekly-verify.sh — verify all backup sets, prune by daily/weekly/monthly retention, and clean orphaned files.
  • bash {baseDir}/scripts/monthly-drill.sh — run a dry-run restore against the newest backup set and report pass/fail.
  • bash {baseDir}/scripts/pre-change-snapshot.sh — create a fast operational-only snapshot before config edits or gateway restarts.
  • .github/workflows/verify-backup.yml — GitHub Actions CI that builds a fixture backup, validates manifest checksums, extracts the archive, and checks critical files.

Reference Files

  • {baseDir}/references/restore-guide.md — full disaster recovery walkthrough
  • {baseDir}/references/what-to-backup.md — every file explained
  • {baseDir}/references/retention-policy.md — how long to keep backups
安全使用建议
This package implements a reasonable backup/restore flow, but review and confirm a few things before installing: 1) Ensure required binaries are present: tar, python3, and the openclaw CLI; install age and gh only if you intend to use encrypted secrets or GitHub push. 2) Understand credential use: push-to-github uses your gh session (it will create/clone a private repo under your GitHub account) and secrets restoration uses age identities or passphrase files you provide — keep those keys/passphrases secure. 3) Test in dry-run mode first: run verify.sh and restore.sh --dry-run and run monthly-drill/monthly-verify in a test backup folder. 4) Be aware restore.sh replaces ~/.openclaw atomically and will move the pre-restore state to a timestamped .pre-restore-backup directory; schedule.sh will create/replace cron jobs via openclaw cron create. 5) Because the metadata omits required binaries/envs, treat the omission as a packaging oversight; if you need to install this, prefer a local code review and run scripts manually in a sandbox before giving them access to production credentials or enabling scheduled jobs.
功能分析
Type: OpenClaw Skill Name: agent-backup Version: 1.1.0 The skill provides comprehensive backup and disaster recovery functionality, which inherently requires high-risk capabilities such as broad file system access (reading and writing to the agent's home directory), network access (pushing archives to GitHub via the 'gh' CLI), and persistence (creating cron jobs via 'openclaw cron'). While these actions are clearly aligned with the stated purpose and include significant security controls—such as mandatory 'age' encryption for secrets, automated redaction of sensitive keys in configuration files, and atomic restore operations with rollback—the presence of these powerful capabilities without a sandbox fits the criteria for a 'suspicious' classification. Key files involved include 'scripts/backup.sh' (redaction/archiving), 'scripts/push-to-github.sh' (external data transfer), and 'scripts/restore.sh' (system-level file replacement).
能力评估
Purpose & Capability
The skill's stated purpose is an encrypted backup/restore for OpenClaw and the included scripts implement that. However the registry metadata claims no required binaries or env vars while the scripts unambiguously require tar, python3, and the openclaw CLI (schedule/restore), and optionally age and gh for secrets and GitHub pushes. Those runtime requirements are proportional to the stated purpose, but they are not declared in the skill metadata — an incoherence that could surprise operators.
Instruction Scope
SKILL.md and the scripts stay within the backup/restore domain: staging, checksums, optional secrets encryption with age, and pushing operational archives to a GitHub repo. The restore flow is destructive when run for real (it atomically swaps ~/.openclaw and saves a .pre-restore-backup) and scheduling creates OpenClaw cron jobs that will run these scripts. No instructions attempt to read or exfiltrate unrelated system files or unknown network endpoints beyond GitHub and the optional use of gh.
Install Mechanism
There is no external download/install step in the manifest (no network install), and all included code is local shell/python scripts. That lowers install risk. There is no 'extract-from-URL' or third-party package install specified by the registry metadata.
Credentials
The scripts expect and honor environment variables (AGE_RECIPIENT, AGE_PASSPHRASE_FILE, AGE_IDENTITY_FILE, OPENCLAW_DIR, BACKUP_DIR, CRON_*), and they use the user's gh authentication and the openclaw CLI. The registry declared no required envs or primary credential — this mismatch is a risk because the skill will act using the operator's local credentials (GitHub via gh, OpenClaw CLI context) and may read passphrase files if provided. Those accesses are explainable by the feature set, but they should be declared so operators know what credentials will be used.
Persistence & Privilege
always:false and user-invocable:true (defaults) — good. The skill does create cron jobs via the openclaw CLI (schedule.sh) which grants it persistence/recurrence on the host via OpenClaw's scheduling mechanism; this is expected for a backup tool but operators should be aware cron entries are created/replaced. The skill does not modify other skills' configs directly.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install agent-backup
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /agent-backup 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
v1.1.0: Added workflows — weekly-verify.sh (archive validation + retention pruning), monthly-drill.sh (automated restore dry-run), pre-change-snapshot.sh (quick snapshot before config changes), GitHub Actions CI for backup verification on push.
v1.0.1
v1.0.1: Improved documentation — scannable README with disaster recovery scenarios, security model table, setup guide, file reference. SKILL.md trimmed for AgentSkills spec.
v1.0.0
v1.0.0: Council-hardened backup/restore. Two-tier archives (operational + encrypted secrets), age encryption, manifest with SHA-256 checksums, atomic restore with staging/rollback, dry-run testing, GitHub push with secrets protection.
元数据
Slug agent-backup
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Openclaw Backup 是什么?

Encrypted backup and restore for OpenClaw agents. Two-tier archives: operational data safe for cloud storage, secrets encrypted with age for local recovery.... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 234 次。

如何安装 Openclaw Backup?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-backup」即可一键安装,无需额外配置。

Openclaw Backup 是免费的吗?

是的,Openclaw Backup 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Openclaw Backup 支持哪些平台?

Openclaw Backup 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Openclaw Backup?

由 Don Zurbrick(@zurbrick)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论