← 返回 Skills 市场
279
总下载
0
收藏
1
当前安装
21
版本数
在 OpenClaw 中安装
/install clawmerge
功能描述
OpenClaw workspace 备份/恢复/合并工具。 支持:完整备份、合并恢复(不覆盖已有)、Cron 任务备份、会话记录备份、配置导出。 触发词:「备份」「恢复」「迁移」「换电脑」「导出配置」「合并记忆」。 当 workspace 需要迁移、定期备份、或从另一台设备恢复时使用。
使用说明 (SKILL.md)
Clawmerge - Workspace 备份/恢复工具
换电脑不丢记忆,备份不覆盖重要文件。
核心能力
| 功能 | 说明 |
|---|---|
| 完整备份 | 打包整个 workspace(可排除敏感文件) |
| 合并恢复 | 解压时不覆盖已有文件,适合从另一台设备增量恢复 |
--merge-auth |
备份里有但本地没有 gateway token 时,自动填充(additive only) |
| Cron 备份 | 自动备份 cron 任务配置 |
| 会话备份 | 可选包含会话记录(.jsonl) |
| 配置导出 | 导出脱敏后的公开配置 |
使用场景
场景 1:定期备份(手动)
cd ~/.openclaw/workspace
./skills/clawmerge/scripts/one-click-backup.sh /tmp/backup-$(date +%Y%m%d).tar.gz
场景 2:换电脑后恢复(合并模式)
# 从备份文件恢复,不覆盖已有文件
./skills/clawmerge/scripts/one-click-restore.sh /path/to/backup.tar.gz --merge
场景 3:查看备份内容(不解压)
tar -tzf backup.tar.gz | head -50
场景 4:只备份 Cron 任务
./skills/clawmerge/scripts/backup-cron-tasks.sh
脚本清单
| 脚本 | 用途 |
|---|---|
one-click-backup.sh |
一键备份 workspace |
one-click-restore.sh |
解压恢复(支持 --merge 合并模式) |
backup-cron-tasks.sh |
单独备份 cron 配置 |
restore-cron-tasks.sh |
恢复 cron 配置 |
discover-scripts.py |
扫描 workspace 中的自定义脚本 |
gen-requirements.py |
生成 requirements.txt |
post-restore-check.sh |
恢复后检查完整性 |
workspace-manager.sh |
workspace 空间管理(查看大小/清理) |
备份排除规则
以下文件默认排除(不备份):
| 排除 | 原因 |
|---|---|
*.pyc |
编译缓存 |
__pycache__/ |
Python 缓存 |
.session/ |
临时会话 |
node_modules/ |
npm 包(可从 package.json 恢复) |
secrets.json |
密钥文件 |
openclaw.json |
包含 bot token 等敏感信息 |
配置备份:敏感配置用 configs/public-config.json 代替(含股票列表、推送目标等公开部分,密钥用占位符)。
合并恢复逻辑(--merge)
# 合并模式:遇到同名文件
# - 若原文件与备份不同 → 保留原文件(不覆盖)
# - 若原文件不存在 → 从备份解压
# - 备份中有、原文件没有 → 恢复
使用 --merge 的场景:
- 从另一台设备的备份恢复(避免覆盖本机已有的配置)
- 合并两台设备的工作成果
不使用 --merge 的场景:
- 全新环境直接恢复 → 直接解压覆盖
Dry Run 预览
# 先看会备份哪些文件,不实际执行
./one-click-backup.sh --dry-run /tmp/test.tar.gz
输出物
备份成功后生成:
backup.tar.gz:主备份文件backup-manifest.txt:备份文件清单backup-cron-config.json:Cron 任务配置(JSON格式)
恢复后生成:
restore-report.txt:恢复报告(含跳过/覆盖/新增文件列表)
故障处理
| 问题 | 解决方案 |
|---|---|
| 备份文件过大 | 使用 --exclude 排除大文件/目录 |
| 恢复失败 | 检查 .tar.gz 是否损坏;尝试 tar -tzf 验证 |
| Cron 未恢复 | 手动运行 restore-cron-tasks.sh |
| 会话记录丢失 | 下次启动 agent 时会自动重建空会话 |
依赖
bashtarpython3(用于 discover-scripts.py 和 gen-requirements.py)
备份不是为了恢复,是为了放心地往前走。 📦
安全使用建议
This tool largely does what it says, but inspect and test before trusting it with real backups. Specific recommendations:
- Review the scripts yourself (especially backup-cron-tasks.sh, restore-cron-tasks.sh, one-click-restore.sh) to confirm how tokens and credentials are handled.
- Do a dry-run first (scripts support --dry-run) and inspect the generated backup archive contents before restoring anywhere.
- Back up your current ~/.openclaw/openclaw.json and any agent credential files before running a restore.
- Avoid using --merge-auth unless you understand where the backup's token comes from and you trust the source; prefer manual token copy if uncertain.
- Note the scripts scan system crontab and common dirs (/opt, ~/scripts); if you have sensitive scripts outside the workspace, consider running discovery/backup in a constrained environment or removing those entries first.
- Because some messages in scripts claim tokens are excluded while code writes an auth_token field, assume tokens may leak into backup artifacts unless you verify the produced archive contents. If you're unsure, install and run the skill in an isolated/test account first.
功能分析
Type: OpenClaw Skill
Name: clawmerge
Version: 3.0.9
The bundle provides comprehensive backup and restore functionality for OpenClaw workspaces, including cron jobs and session history. It is classified as suspicious due to a discrepancy in scripts/backup-cron-tasks.sh, where the code explicitly extracts the gateway authentication token from ~/.openclaw/openclaw.json and includes it in the backup file, while the script's console output explicitly claims that auth tokens are NOT included for security. While this behavior facilitates migration, the misleading UI message regarding sensitive data collection is a concern. The scripts also perform high-risk operations such as modifying system crontabs and installing Python dependencies via pip3.
能力评估
Purpose & Capability
The name/description (workspace backup/merge/restore) aligns with the included scripts: backup, restore, cron export/restore, script discovery, session handling. Actions such as reading ~/.openclaw, packaging workspace files, and restoring into the workspace are coherent with the stated purpose.
Instruction Scope
The runtime scripts scan system crontab, common system directories (/opt/scripts, ~/scripts, ~/bin), and read multiple OpenClaw files (e.g., ~/.openclaw/openclaw.json, ~/.openclaw/cron/jobs.json). They also can modify system crontab, copy scripts into ~/scripts, set execute permissions, and write to ~/.openclaw/openclaw.json when --merge-auth is used. While some of this is expected for a migration tool, the scripts collect and may write machine-level credentials (gateway token) and scan broad filesystem locations beyond the workspace, which expands the scope beyond simple file packaging.
Install Mechanism
This is instruction-only with included scripts (no external install spec, no remote downloads). Nothing in the install channel pulls remote code or writes arbitrary binaries—risk from install mechanism is low.
Credentials
The skill requests no environment variables, but it directly reads and can write sensitive local configuration files (e.g., ~/.openclaw/openclaw.json, agents auth files, system crontab). Notably, backup-cron-tasks.py populates an 'auth_token' field from ~/.openclaw/openclaw.json (contradicting script output claiming tokens are not included), and restore-cron-tasks.sh contains logic to fill the local gateway token from the backup when --merge-auth is used. Exporting auth tokens into backup artifacts or automatically filling local tokens increases the risk surface and is not fully consistent with the doc's stated exclusions.
Persistence & Privilege
The skill is not force-installed (always: false) and does not request platform-level privileges. However, its scripts intentionally modify local files (workspace, configs, system crontab) and may modify ~/.openclaw/openclaw.json in merge mode. That behavior is expected for a restore tool but amplifies risk if backups contain sensitive tokens.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clawmerge - 安装完成后,直接呼叫该 Skill 的名称或使用
/clawmerge触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.9
v3.0.9: 修复restore安全问题;修复backup路径bug;新增版本检查;cron merge支持--merge-auth
v3.0.8
v3.0.8: 修复 --with-sessions 的 tar 逻辑(--exclude 对所有路径生效,包括显式添加)
v3.0.7
v3.0.7: 修复 --with-sessions 参数无效的 bug(会话记录未实际打包)
v3.0.6
v3.0.6: 修复发布问题、增量备份优化
v3.0.5
v3.0.5: 移除 sudo 命令,避免安全误报
v3.0.4
v3.0.4: 移除 HTTP 服务器功能,避免被 VirusTotal 误报
v3.0.3
v3.0.3: 精简 SKILL.md,优化描述
v3.0.2
v3.0.2: 优化内容,重新发布触发审核
v3.0.1
v3.0.1: 真正修复备份逻辑,使用 tar -C 切换到 workspace 目录备份
v3.0.0
clawmerge 3.0.0 – Major update
- Version updated from 2.5.0 to 3.0.0
- Documentation and metadata updates to reflect major version increase
- No user-facing new features, fixes, or options added in this release
- All backup, restore, disaster recovery, session and cron task features remain as in 2.5.0
v2.5.0
NEW: Python dependencies backup (requirements.txt), Post-restore check script
v2.4.1
FIXED: task-scripts directory not found error - skip directory if no scripts discovered
v2.4.0
NEW: Auto-discover task scripts from cron, configs, and common directories. NEW: Generate scripts-list.json with all discovered scripts. NEW: Restore task scripts script (restore-task-scripts.sh). IMPROVED: Complete backup workflow (scripts + configs + cron).
v2.3.2
IMPROVED: Better error handling for missing export scripts. NEW: Installation guide (INSTALL-CONFIG-TOOLS.md) for配套 scripts. FIXED: Clearer messages when scripts or directories are missing.
v2.3.1
NEW: Auto-export public configuration before backup (fully automated, no manual step needed).
v2.3.0
NEW: Public configuration export system (safe to backup, no sensitive data). NEW: Configuration separation (public vs sensitive vs private). NEW: Auto-generate recovery scripts with placeholder guidance. IMPROVED: Backup includes configs/ directory and public-config.json.
v2.2.2
FIXED: --with-sessions parameter now correctly includes session records (removed .backup-sessions from EXCLUDE_ITEMS)
v2.2.1
v2.2.1: Fixed cron export files not being included in backup archive
v2.2.0
v2.2: FIXED - Cron tasks integrated in archive, Session records backup (optional --with-sessions)
v2.1.0
v2.1: Added cron tasks backup/export for easy migration. Backup now includes cron configuration + system crontab. Restore provides migration guidance.
元数据
常见问题
Clawmerge 是什么?
OpenClaw workspace 备份/恢复/合并工具。 支持:完整备份、合并恢复(不覆盖已有)、Cron 任务备份、会话记录备份、配置导出。 触发词:「备份」「恢复」「迁移」「换电脑」「导出配置」「合并记忆」。 当 workspace 需要迁移、定期备份、或从另一台设备恢复时使用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 279 次。
如何安装 Clawmerge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawmerge」即可一键安装,无需额外配置。
Clawmerge 是免费的吗?
是的,Clawmerge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Clawmerge 支持哪些平台?
Clawmerge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Clawmerge?
由 sinoslug(@sinoslug)开发并维护,当前版本 v3.0.9。
推荐 Skills