← 返回 Skills 市场
464
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install clawkeep
功能描述
Provides git-powered versioned backups and safe snapshot recovery for workspace files, with automated and manual snapshot options.
使用说明 (SKILL.md)
ClawKeep — Agent Skill
Git-powered versioned backups for your workspace. Every change tracked, every state recoverable.
Overview
ClawKeep gives you version-controlled backups of your workspace files. You can go back to any point in time if something goes wrong — a bad memory update, corrupted config, accidental deletion.
Prerequisites
ClawKeep must be installed globally:
npm install -g clawkeep
Verify: clawkeep --version
Setup (One Time)
Initialize ClawKeep on your workspace:
cd /path/to/your/workspace
clawkeep init
This creates:
.clawkeep/config.json— minimal config.clawkeepignore— patterns for files to skip (node_modules, .env, logs, etc.).gitignore— auto-synced from .clawkeepignore- An initial snapshot of all tracked files
Taking Snapshots
Watch Daemon (Recommended)
Start a background daemon that auto-snapshots on every file change:
clawkeep watch --daemon -d /path/to/workspace --interval 10000
- Runs in background, survives terminal close
- Debounces writes (default 10s) to avoid spam commits
- Stop with:
clawkeep watch --stop -d /path/to/workspace
Manual Snapshots
# Quick snapshot (only commits if files changed)
clawkeep snap -d /path/to/workspace -q
# Named snapshot
clawkeep snap -d /path/to/workspace -m "before risky changes"
Recovery
# See available snapshots
clawkeep log -d /path/to/workspace
# Restore to a specific snapshot (non-destructive — creates new commit)
clawkeep restore \x3Chash> -d /path/to/workspace
# Restore to N snapshots ago
clawkeep restore HEAD~3 -d /path/to/workspace
Restores are safe — they check out the old state and commit it as a new snapshot. Your full history is preserved.
Checking Status
# Quick status
clawkeep status -d /path/to/workspace
# See what changed since last snapshot
clawkeep diff -d /path/to/workspace
# View timeline
clawkeep log -d /path/to/workspace -n 10
Ignore Patterns
Edit .clawkeepignore in your workspace root to exclude files from tracking. Patterns are auto-synced to .gitignore.
Web Dashboard
clawkeep ui --daemon -d /path/to/workspace --port 3333
Visual timeline, file browser with time-travel, side-by-side diffs, one-click restore. Token-based auth is auto-generated.
Encrypted Backup Targets
For off-site encrypted backups, choose a target and follow its dedicated skill:
| Target | Skill | Description |
|---|---|---|
| Local path | skills/local/SKILL.md | NAS, USB drive, external disk, network share |
| S3 / R2 | skills/s3/SKILL.md | Cloudflare R2, AWS S3, Backblaze B2, MinIO, Wasabi |
| ClawKeep Cloud | skills/clawkeep-cloud/SKILL.md | Managed zero-knowledge backup with browser-based setup |
All targets use AES-256-GCM encryption. Your backup destination only sees opaque .enc chunk files — no file names, no metadata, no structure.
Quick Reference
| Action | Command |
|---|---|
| Initialize | clawkeep init -d \x3Cdir> |
| Auto-backup daemon | clawkeep watch --daemon -d \x3Cdir> |
| Stop daemon | clawkeep watch --stop -d \x3Cdir> |
| Manual backup | clawkeep snap -d \x3Cdir> -m "message" |
| View history | clawkeep log -d \x3Cdir> |
| Restore | clawkeep restore \x3Chash> -d \x3Cdir> |
| See changes | clawkeep diff -d \x3Cdir> |
| Launch dashboard | clawkeep ui --daemon -d \x3Cdir> --port 3333 |
| Stop dashboard | clawkeep ui --stop -d \x3Cdir> |
| Export encrypted | clawkeep export -d \x3Cdir> -p "password" |
安全使用建议
This skill is instruction-only and asks you to install and run an unverified global npm package that will run background daemons and store credentials locally. That can be useful for backups but raises risk if the package or its server-side counterpart are untrusted. Before installing: 1) Verify the 'clawkeep' npm package page and source repository (look for a homepage, GitHub repo, recent maintainers, and code review). 2) Review the package code or its published tarball for any unexpected network calls, credential exfiltration, or privileged behavior. 3) Prefer running it in an isolated environment (container, dedicated VM) and avoid giving it more permissions than necessary. 4) If using cloud targets, limit and rotate S3/API keys and understand where credentials are stored (.clawkeep/config.json). 5) Do not enable persistent daemons on shared/production agents until you have verified the code and security claims (zero-knowledge encryption, client-side encryption). If you can provide the package homepage/repo or the installed package's code, I can re-evaluate and raise confidence.
功能分析
Type: OpenClaw Skill
Name: clawkeep
Version: 0.2.9
The OpenClaw AgentSkills skill bundle for 'ClawKeep' is designed for legitimate version-controlled backups. It instructs the agent to install a global npm package (`clawkeep`), initialize workspaces, manage local and cloud backups, and run background daemons using `clawkeep` commands or `pm2`. All described actions, including extensive file system access, network communication (for cloud/S3 targets and web UI), and persistence, are directly aligned with the stated purpose of a backup solution. The skill's documentation (SKILL.md, clawkeep-cloud/SKILL.md, local/SKILL.md, s3/SKILL.md) explicitly details security features like AES-256-GCM encryption, zero-knowledge principles, client-side encryption, and secure handling of passwords (browser-based setup, keyless daemons). While S3 credentials are noted to be stored locally in `.clawkeep/config.json`, this is transparently disclosed as a design choice for the `clawkeep` tool's operation, not an attempt by the skill to exfiltrate data. There is no evidence of prompt injection attempts, obfuscation, or malicious intent within the skill bundle's instructions.
能力评估
Purpose & Capability
Name and description (git-powered, versioned backups) match the runtime instructions (clawkeep CLI commands, snapshot/restore flow). However, the skill requires installing a third-party global npm CLI (clawkeep) and relies on external services (S3, ClawKeep Cloud) even though no provenance (homepage, repo) is provided — reasonable for the stated purpose but lacking source verification.
Instruction Scope
The SKILL.md tells the agent to install and run a global CLI, start background daemons (watch, ui, sync) and use PM2/systemd to persist them; it also instructs storing credentials in a local config file and using browser flows or API keys. Those actions go beyond a transient helper and give the tool ongoing access to arbitrary workspace files and secrets on disk. The instructions also assert security properties (zero-knowledge, client-side encryption, no metadata leakage) that cannot be validated from these docs alone.
Install Mechanism
There is no install spec in the registry bundle; the docs instruct the user to run 'npm install -g clawkeep' which will fetch and install code from the public npm registry. Installing an unverified global npm package that runs daemons is moderate-to-high risk when the package source/repo isn't provided for review. Because the package will run background processes and write local config, verifying its provenance and code is important.
Credentials
The instructions request S3/R2/API keys and show env var examples (CLAWKEEP_S3_ACCESS_KEY etc.) — these are proportionate for cloud backup targets. The skill also documents storing credentials in '.clawkeep/config.json' and recommends a 'set-password' flow (claiming no password in env after setup). Storing secrets on disk and allowing a keyless daemon introduces local secret persistence which should be considered when deploying on shared hosts or agents.
Persistence & Privilege
The instructions explicitly encourage persistent background daemons and using PM2/systemd to autostart the backup watcher and UI. Although the skill metadata does not force 'always:true', following these instructions will give the installed CLI long-lived access to workspace files and any stored credentials, increasing blast radius if the package is malicious or buggy.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clawkeep - 安装完成后,直接呼叫该 Skill 的名称或使用
/clawkeep触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.9
ClawKeep 0.2.9 Changelog
- Added a comprehensive SKILL.md documentation covering setup, integration options, recovery, status checks, web dashboard, ignore patterns, encrypted backups, cloud & S3 targets, encrypted export, and programmatic usage.
- Improved guidance for secure, keyless cloud sync with agent-friendly setup and password management.
- Enhanced instructions for continuous, heartbeat-based, and intentional snapshot workflows.
- Detailed backup and restore procedures, including local, S3-compatible, and ClawKeep Cloud targets with encryption.
- Included a quick command reference and best practices for seamless workspace protection.
元数据
常见问题
Clawkeep 是什么?
Provides git-powered versioned backups and safe snapshot recovery for workspace files, with automated and manual snapshot options. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 464 次。
如何安装 Clawkeep?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawkeep」即可一键安装,无需额外配置。
Clawkeep 是免费的吗?
是的,Clawkeep 完全免费(开源免费),可自由下载、安装和使用。
Clawkeep 支持哪些平台?
Clawkeep 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Clawkeep?
由 TacoDevs(@taco-devs)开发并维护,当前版本 v0.2.9。
推荐 Skills