← 返回 Skills 市场
clawd-migrate
作者
calabiyauman
· GitHub ↗
· v0.2.1
664
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install clawdmigrate
功能描述
Migrate moltbot or clawdbot assets to openclaw by discovering, backing up, migrating, verifying files, and reinstalling openclaw automatically.
使用说明 (SKILL.md)
clawd-migrate\r
\r Migrate from moltbot or clawdbot to openclaw. Preserves config, memory, and clawdbook (Moltbook) data safely on any system.\r \r
What it does\r
\r
- Discovers existing bot assets (memory files, config, clawdbook/Moltbook credentials)\r
- Backs up everything into a timestamped folder before any changes\r
- Migrates files into the openclaw layout:
memory/,.config/openclaw/,.config/clawdbook/\r - Verifies every source file was copied to its destination (existence + size match)\r
- Reinstalls openclaw (
npm i -g openclaw) and runsopenclaw onboardautomatically\r \r
Quick start\r
\r
npx clawd-migrate\r
```\r
\r
Interactive menu walks you through: Discover -> Backup -> Migrate -> Verify -> Reinstall openclaw.\r
\r
## CLI commands\r
\r
```bash\r
clawd-migrate # Interactive menu (default)\r
clawd-migrate discover [--root PATH]\r
clawd-migrate backup [--root PATH]\r
clawd-migrate migrate [--root PATH] [--no-backup] [--output PATH] [--setup-openclaw]\r
```\r
\r
## Requirements\r
\r
- Node.js 14+\r
- Python 3.x\r
\r
## What gets migrated\r
\r
- **Memory/identity:** SOUL.md, USER.md, TOOLS.md, IDENTITY.md, AGENTS.md, MEMORY.md\r
- **Config:** `.config/moltbook/`, `.config/moltbot/`\r
- **Clawdbook/Moltbook:** Kept under `.config/clawdbook/` (credentials, API keys)\r
- **Extra:** `projects/` (if present)\r
\r
## Tags\r
\r
migration, openclaw, moltbot, clawdbot, clawdbook, moltbook, backup, verify\r
安全使用建议
This package appears to do what it says: discover your bot files, create a timestamped backup, copy memory/config/credential files into an openclaw layout, and verify copies. Before running it: 1) Review and trust the destination (it will duplicate any credentials found under .config/moltbook or .config/moltbot into backups and .config/clawdbook). 2) Run it in a safe/test environment first (use a temporary directory) to inspect the backup manifest and confirm what will be copied. 3) If you do not want the tool to install software from the network, avoid the post-migration install/onboard step (use the CLI/TUI options that skip setup) — note the docs are inconsistent about automatic install; the migration code does not itself call the installer, but the interactive flow or flags may. 4) Because the repository metadata (homepage/repo URL empty) and versions are slightly inconsistent, prefer to inspect the package source you plan to run (the files here are included) and, if using npm, prefer installing from a known author/repo. If you need further certainty, run the tool inside an isolated/containerized environment and inspect the created backups/_manifest.txt before deleting or moving any originals.
功能分析
Type: OpenClaw Skill
Name: clawdmigrate
Version: 0.2.1
The skill is classified as suspicious due to its use of `subprocess.run(shell=True)` in `openclaw_setup.py` and `spawnSync(shell: true)` in `bin/clawd-migrate.js` for executing external commands like `npm install -g openclaw` and `openclaw onboard`. While these commands are hardcoded and directly align with the skill's stated purpose of migrating to and setting up OpenClaw, the use of `shell=True` is a known vulnerability pattern that can lead to shell injection if not handled with extreme care, even if the immediate exploit path is mitigated by hardcoded commands. Additionally, performing a global `npm install` is a high-privilege action that modifies the system's global environment. There is no evidence of intentional malicious behavior such as data exfiltration, persistence, or obfuscation; all actions are explicitly documented in `SKILL.md` and other documentation files.
能力评估
Purpose & Capability
The name and SKILL.md describe migrating moltbot/clawdbot assets to an openclaw layout; the included Python and Node wrapper code implements discovery, backup, copy, verification, and an optional post-setup. Required env/credentials are none and required binaries are Python/Node/npm which match the described functionality. Minor metadata inconsistencies: registry metadata said "instruction-only" but the package contains implementation files; package.json version (0.2.0) differs from registry version 0.2.1; homepage/repository URL empty — these are bookkeeping issues but not functional red flags.
Instruction Scope
The runtime instructions and code scan the chosen root for files including .config/moltbook and .config/moltbot and will copy credential files (credentials.json / clawdbook data) into the target .config/clawdbook and into backups. That behaviour is expected for a migration tool, but it means secrets stored in those config files will be read and duplicated on disk. Documentation contains mixed wording about whether reinstalling openclaw runs automatically or is user-prompted; the migration code (run_migration) does not itself run openclaw install/onboard, so the docs overstate automatic behavior in places — the TUI or explicit flag is the likely trigger for install-onboard.
Install Mechanism
No install spec is embedded in the skill registry entry, and the package is designed for npm distribution (bin wrapper + scripts/copy-py.js). There are no external download URLs or extract steps in the bundle. The tool can run `npm install -g openclaw` (via subprocess) which fetches code from the npm registry — expected given the stated purpose. No obscure or high-risk install hosts are used in the provided files.
Credentials
The skill declares no required environment variables or credentials, which aligns with the code. However, the code intentionally reads and copies local configuration/credential files (e.g., .config/moltbook/credentials.json) and places them into backups and the openclaw target layout. This is proportionate to a migration tool, but users should understand that secret API keys/credentials present in those paths will be duplicated on disk. The Node wrapper sets PYTHONPATH to the packaged lib for execution — normal for this packaging approach.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or global agent config. It writes files to disk (backups and migrated copies) and invokes subprocesses (npm/openclaw) — expected for a migration utility. Use of shell=True for subprocesses is present to match user PATH, which is intentional for locating npm/openclaw on different platforms but means the commands run in the user's shell environment.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clawdmigrate - 安装完成后,直接呼叫该 Skill 的名称或使用
/clawdmigrate触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.1
v0.2.1: Post-migration file verification and automatic openclaw reinstall
元数据
常见问题
clawd-migrate 是什么?
Migrate moltbot or clawdbot assets to openclaw by discovering, backing up, migrating, verifying files, and reinstalling openclaw automatically. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 664 次。
如何安装 clawd-migrate?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawdmigrate」即可一键安装,无需额外配置。
clawd-migrate 是免费的吗?
是的,clawd-migrate 完全免费(开源免费),可自由下载、安装和使用。
clawd-migrate 支持哪些平台?
clawd-migrate 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 clawd-migrate?
由 calabiyauman(@calabiyauman)开发并维护,当前版本 v0.2.1。
推荐 Skills