功能描述

Encrypted GitHub backup and restore for any OpenClaw agent system. Creates branch-per-night backups with smart retention (7 daily, 8 weekly, 12 monthly branc...

使用说明 (SKILL.md)

🛡️ Avenger Initiative

Name: Avenger Initiative
Author: asif2bd

Encrypted, branch-based GitHub backup and restore for any OpenClaw system.

When This Skill Triggers

User says "setup avenger" / "configure backup" / "avenger init" → Run SETUP flow
User says "avenger backup" / "backup system" / "push to vault" → Run BACKUP
User says "restore from vault" / "avenger restore" → Run RESTORE flow
User says "avenger status" / "vault status" → Show STATUS
After any confirmed config change (gateway restart, config patch) → Run BACKUP silently

SETUP FLOW (Agent-Guided)

When setup is triggered, walk the user through it conversationally. Ask one question at a time.

Step 1 — Ask for the vault repo

"To set up Avenger Initiative, I need a private GitHub repo to use as your vault. Have you created one already? If so, share the URL (e.g. https://github.com/yourname/my-vault). If not, I can help you create one."

Step 2 — Handle the encryption key

"Your openclaw.json (which contains all API keys and bot tokens) will be encrypted with AES-256 before being pushed. Do you have an existing encryption key from a previous Avenger setup, or should I generate a new one?"

Step 3 — Run setup

bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/setup.sh \
  --repo \x3Cvault-url>

Step 4 — Show key and insist they save it

"⚠️ Your encryption key is below — save it NOW in 1Password, Bitwarden, or a secure note. Without this key, your backup cannot be decrypted."

Wait for user to confirm "saved" before proceeding.

Step 5 — Explain what will be backed up

🔐 openclaw.json — encrypted (all API keys, bot tokens, agent configs)
🧠 All memory logs and workspace files (SOUL, IDENTITY, MEMORY, TOOLS)
👥 Per-agent files for all agents
🔧 All custom skills
📋 Cron job definitions

Retention policy:

Daily → 7 days
Weekly → 8 weeks (created every Sunday)
Monthly → 12 months (created 1st of each month)

Step 6 — Run first backup & install cron

bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/backup.sh

BACKUP

bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/backup.sh

Creates backup/daily/YYYY-MM-DD branch → merges to main → prunes per retention policy.
On Sundays: also creates backup/weekly/YYYY-WNN.
On 1st of month: also creates backup/monthly/YYYY-MM.

RESTORE

bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/restore.sh

Supports --branch backup/daily/YYYY-MM-DD to restore from a specific snapshot.
Shows vault manifest, asks for confirmation, decrypts and restores all files.

After restore: openclaw gateway restart

STATUS

Check ~/.openclaw/workspace/memory/avenger-backup.log for last backup. Show timestamp, branch, and vault URL.

File Locations

~/.openclaw/
├── credentials/
│   ├── avenger.key              ← Encryption key (NEVER commit)
│   └── avenger-config.json     ← Vault repo URL
└── workspace/skills/avenger-initiative/
    ├── SKILL.md
    ├── scripts/
    │   ├── backup.sh
    │   ├── restore.sh
    │   └── setup.sh
    └── references/
        └── security.md

Security Model

Vault repo should be private on GitHub
openclaw.json → AES-256-CBC encrypted (PBKDF2, 100k iterations)
All other files → plaintext (no secrets)
Key lives only on the machine and in the user's password manager

See references/security.md for threat model and key rotation.

More verified OpenClaw skills available at proskills.md

安全使用建议

This skill appears to implement the advertised encrypted GitHub backup/restore flow, but review and consider the following before installing: - Inspect setup.sh: it calls 'gh auth token' and injects the token into an HTTPS clone URL (https://${GH_TOKEN}@...). That pattern can leak tokens in some environments; prefer 'gh repo clone' or remove token-in-URL behavior. - Confirm the vault repo is private and you control it; enable 2FA and secret scanning on the account that owns the vault. - Store the generated encryption key securely (the skill prints it and asks you to save it). If you lose the key, backups are irrecoverable; if the key is leaked, encrypted secrets can be decrypted. - Understand what the scripts copy: memory logs, custom skills, and other plaintext files are included. Verify those files don't contain additional secrets you don't want in the repo. - Be aware the setup writes a cron job to run backups automatically and the skill may auto-run after config changes. If you want manual control, skip the cron insertion or remove the job. - As a precaution, run setup and the first backup in a non-production environment to verify behavior. Consider auditing/grepping your workspace for stray credentials before allowing automatic backups. If you want, I can highlight the exact lines in setup.sh that embed the token and show a safer replacement, or produce a checklist of items to audit in your workspace before installing.

功能分析

Type: OpenClaw Skill Name: avenger-initiative Version: 1.0.5 The Avenger Initiative skill is a backup and restore utility that synchronizes OpenClaw configuration, memories, and skills to a user-provided private GitHub repository. It uses AES-256-CBC to encrypt the sensitive 'openclaw.json' file (containing API keys) before transmission, while other files are stored in plaintext as documented. The scripts (backup.sh, setup.sh, restore.sh) use standard system tools like git, gh CLI, and openssl, and include a persistence mechanism via a daily cron job to ensure regular backups.

能力评估

✓ Purpose & Capability

Name/description (encrypted GitHub backup/restore) align with the included scripts and runtime instructions: the scripts encrypt openclaw.json and push a snapshot to a user-provided private GitHub repo using the GitHub CLI. Required capabilities (gh, git, openssl) are reasonable and expected for this functionality.

ℹ Instruction Scope

SKILL.md and the scripts keep scope to backup/restore operations, but the skill will copy many workspace files, agent workspaces, custom skills, and memory logs (plaintext) into the vault. It also auto-adds a cron job entry so backups can run silently after config changes. Backing up all custom skills and memory logs is functionally justified for a full restore, but this expands the data surface (these files can accidentally contain secrets). The SKILL.md claim that only openclaw.json contains secrets is an assumption that may not hold on all deployments.

✓ Install Mechanism

No external install step is declared (instruction-only), and scripts are plain Bash included in the package. There is no download-from-untrusted-URL or binary execution beyond system tools (git, gh, openssl). This is low risk compared to code that downloads and executes remote artifacts.

⚠ Credentials

The package requests no extra environment variables, which is appropriate. However, setup.sh calls 'gh auth token' and then injects that token into an HTTPS URL used for git clone (REPO_URL contains https://${GH_TOKEN}@...), which is unnecessary (other scripts correctly use 'gh repo clone') and increases the chance of token leakage (e.g., in process args, local .git config during clone, or unexpected logging). The scripts read local key files under ~/.openclaw/credentials (expected) but also copy any workspace content and custom-skill scripts — which may contain sensitive strings in some deployments. The overall set of file accesses is proportional to a full-system backup but does widen the data surface compared to a minimal secrets-only backup.

ℹ Persistence & Privilege

always:false and user-invocable:true are reasonable. The skill modifies the OpenClaw cron jobs.json to schedule nightly backups and can auto-run after 'critical config change' (per SKILL.md). Modifying the agent's cron configuration is expected for scheduled backups, but users should be aware backups may run automatically and silently (pushing data to the configured GitHub vault) unless they opt out.

版本历史

v1.0.5

v1.0.5: Fixed git clone auth — replaced manual GH_TOKEN URL injection with gh repo clone in backup.sh and restore.sh. Fixes silent failures on systems with git credential helpers.

v1.0.4

Each backup now generates a human-friendly README.md inside the vault with purpose, restore commands, and Avenger agent commands. Added AVENGER-MANIFEST.json for machine-readable metadata.

v1.0.3

Fix: main branch now always exists and always contains the latest backup. setup.sh initializes main on first run. backup.sh commits to main first, then creates dated snapshot branch — so the vault always has a standard starting point for restore.

v1.0.2

Improved README: ProSkills.md + ClawHub badges at top, full installation guide (3 methods), quick start, restore instructions. Subtle ProSkills discovery mention in SKILL.md footer.

v1.0.1

Security documentation: SHA256 checksums and full script-by-script safety analysis. Addresses false positive AV flags — all operations are local backup and git push to the user's own private repo.

v1.0.0

Initial release. Encrypted GitHub backup for OpenClaw. Branch-per-night with 7/8/12 retention. Listed on ProSkills.md: https://proskills.md/skills/avenger-initiative

元数据

Slug avenger-initiative

版本 1.0.5

许可证 MIT-0

累计安装 1

当前安装数 0

历史版本数 6

常见问题