ClawRoam

Author: getlighty · GitHub ↗ · v3.0.1
cross-platform ⚠ suspicious
Total downloads: 551
Favorites: 0
Current installs: 0
Versions: 3
Install in OpenClaw
/install clawroam
Description
Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto...
Usage instructions (SKILL.md)

ClawRoam — Portable Agent Environment

You are an OpenClaw agent with the clawroam skill installed. This skill gives you automatic, continuous sync of the user's knowledge and environment across all their machines — like iCloud for AI agents.

Architecture

ClawRoam works like a combination of iCloud and Git:

  • Auto-sync: file changes are detected, auto-committed, and pushed
  • Versioned: every change is a commit — full history, rollback anytime
  • Encrypted: Ed25519 keypair per installation — private key never leaves the machine
  • Multi-provider: user picks where their vault lives

Providers

  Provider          Type                     Setup
  ClawRoam Cloud    Managed (paid per MB)    One command — clawroam cloud signup
  Google Drive      BYOS (free)              OAuth flow via clawroam provider gdrive
  Dropbox           BYOS (free)              OAuth flow via clawroam provider dropbox
  FTP/SFTP          BYOS (free)              Host + credentials via clawroam provider ftp
  Git               BYOS (free)              Any git remote via clawroam provider git
  S3                BYOS (free)              Any S3-compatible via clawroam provider s3
  WebDAV            BYOS (free)              Nextcloud etc via clawroam provider webdav
  Local             BYOS (free)              USB/NAS mount via clawroam provider local

"BYOS" = Bring Your Own Storage. Free forever. ClawRoam Cloud is the convenience option for people who don't want to manage storage.

What Syncs

ALWAYS SYNCED (shared knowledge pool):
  identity/USER.md          Who you are
  knowledge/MEMORY.md       Long-term memory
  knowledge/projects/       Project context
  requirements.yaml         System packages
  skills-manifest.yaml      Installed skills list

NEVER AUTO-SYNCED (per-instance):
  local/SOUL.md             This agent's personality
  local/IDENTITY.md         This agent's identity
  local/config-override     Local config tweaks

OPT-IN SYNC:
  openclaw config.json      Gateway/model config
  credentials/              Channel auth (encrypted separately)

Commands

When the user asks about vault operations, use these:

First-Time Setup

  • "set up clawroam" → clawroam.sh init — creates vault, generates Ed25519 keypair, scans packages
  • "use clawroam cloud" → clawroam.sh cloud signup — creates cloud account, auto-configures provider
  • "use google drive for vault" → clawroam.sh provider gdrive — OAuth flow for Google Drive
  • "use dropbox for vault" → clawroam.sh provider dropbox
  • "use FTP for vault" → clawroam.sh provider ftp — asks for host, port, credentials

Daily Use (mostly invisible)

  • "sync status" → clawroam.sh status — show sync state, last push/pull, provider info
  • "sync now" → sync-engine.sh push — force immediate sync
  • "show vault history" → sync-engine.sh log — show commit history (like git log)
  • "rollback vault" → sync-engine.sh rollback — revert to previous state
  • "what changed" → sync-engine.sh diff — show pending changes

Packages

  • "scan packages" → track-packages.sh scan
  • "what's different from vault" → track-packages.sh diff
  • "install missing packages" → track-packages.sh install — shows commands, asks before running

Migration

  • "migrate to this machine" / "pull from vault" → migrate.sh pull — interactive restore wizard
  • "push my soul to vault" → migrate.sh push-identity — explicit opt-in only

Profiles

Each machine backs up to its own named profile (default: hostname). Profiles are separate — different machines can have different knowledge, memory, and packages without interfering with each other.

  • "show profile" / "what profile am I on" → clawroam.sh profile show — displays current profile name
  • "list profiles" / "what profiles exist" → clawroam.sh profile list — lists all profiles in the remote storage
  • "rename profile" → clawroam.sh profile rename <new-name> — renames this machine's profile
  • "restore from another machine" / "pull profile X" → clawroam.sh profile pull <name> — restores a specific profile to this machine (overwrites local vault with that profile's data, does NOT affect the source)

Key Management

  • "show my vault key" → keypair.sh show-public — display public key (for adding to providers)
  • "regenerate vault key" → keypair.sh rotate — generates new keypair, re-registers with provider

Behavior Rules

  1. Auto-sync is ON by default after setup — like iCloud. The user should not have to think about syncing. Changes are pushed within 30 seconds.

  2. Never sync SOUL.md or IDENTITY.md without explicit permission.

  3. Always confirm before installing packages. Show the diff, let them pick.

  4. Private key never leaves the machine. It's stored in ~/.clawroam/keys/ with 600 permissions. The public key is registered with the vault provider.

  5. Conflicts: If remote has changes the user hasn't seen, show a diff and let them choose. Auto-merge for non-conflicting changes (like git).

  6. Be transparent about costs. If using ClawRoam Cloud, show current usage and estimated cost when asked. Never surprise the user with charges.

  7. Offline-first. Everything works locally. Sync happens when connectivity is available. Queue changes and push when back online.

  8. Profiles are separate by default. Each machine pushes to its own named profile (default: hostname). Profiles never merge automatically. If the user wants data from another machine, they must explicitly pull that profile with clawroam.sh profile pull <name>.

ClawRoam Cloud Pricing

When users ask about pricing:

  • First 50 MB free — enough for most single-user vaults
  • $0.005/MB/month after that (~$0.50/month for 100 MB extra)
  • No per-instance fees — connect unlimited machines
  • No bandwidth fees — sync as often as you want
  • Example: typical vault is 10-30 MB → completely free
  • Example: power user with 200 MB → $0.75/month
  • Example: team vault with 2 GB → ~$10/month
Security recommendations
What to check before installing or using ClawRoam:

  • Verify origin and reputation: the package lists an unknown owner and has no homepage. If you don't already trust the publisher, audit the scripts before running them.
  • Inspect key management: review src/keypair.sh and providers/cloud.sh to ensure your private key is never transmitted. The repo claims private keys remain local; confirm the implementation matches that claim.
  • Review what you opt into syncing: by default SOUL.md and IDENTITY.md are not auto-synced, and 'openclaw config.json' / 'credentials/' are opt-in. Never enable those sync options unless you fully understand the consequences — they can contain channel tokens and other sensitive secrets.
  • Consider cryptography details: the client side encrypts archives with AES-256-CBC before upload and the server verifies signatures. AES-CBC is not an authenticated encryption mode by itself; the protocol uses signed hashes to protect integrity, but you should review the key-derivation and signing code to ensure it meets your threat model.
  • If you plan to use the managed cloud: examine the cloud endpoint (https://clawroam-api.ovisoftblue.workers.dev). If you prefer, self-hosting is supported — the repo contains cloud-api and a Cloudflare Worker implementation. Deploying your own backend avoids trusting a third-party endpoint.
  • Check provider implementations: BYOS providers (gdrive, dropbox, s3, git, ftp, webdav) typically use rclone or OAuth tokens. Confirm where OAuth refresh tokens are stored (the README claims system keychain/libsecret) and that you are comfortable with that storage policy.
  • Inspect automated behaviors: the sync engine auto-commits and auto-pushes changes. If you are concerned about unintended data leaving a device, keep the sync daemon off and use manual push/pull until you are confident in the configuration.

If you are not comfortable auditing the code yourself, consider using only the BYOS providers with local storage or self-hosting the cloud backend rather than using the unknown managed endpoint.
Functional analysis
Type: OpenClaw Skill
Name: clawroam
Version: 3.0.1

The skill is classified as suspicious due to a critical shell injection vulnerability in `track-packages.sh` (via `eval "$cmd"` for package installation, where package names are sourced from a remote vault, allowing a compromised vault to execute arbitrary commands on the agent's machine).

Additionally, the `providers/ftp.sh` and `providers/git.sh` scripts use `ssh -o StrictHostKeyChecking=no`, which is a significant vulnerability enabling Man-in-the-Middle attacks.

The `cloud-api-worker/src/index.ts` and `cloud-api/src/index.ts` APIs also have an information disclosure vulnerability where a malicious client could upload a crafted tar archive with paths like `../../../../etc/passwd` and then request to view its contents via the `/files` or `/file/*` endpoints, potentially exposing sensitive data from the archive itself, though not from the server's host system.
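
The `eval "$cmd"` finding comes down to manifest text from remote storage being re-parsed by a shell. As an added example (not code from the ClawRoam repository), one defensive way to handle synced package entries is to validate each name against a strict character set and append it to a fixed argv instead of building a command string. The function names, the manager list and the one-entry-per-line manifest format are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not ClawRoam code): install packages named in a synced
# manifest without eval. Manager list and manifest format are assumptions.
LC_ALL=C; export LC_ALL   # make the [A-Za-z] ranges below ASCII-only

# Accept only conservative name characters; the first one must be alphanumeric,
# which also rules out option injection such as "-o..." or "--index-url=...".
is_safe_pkg_name() {
    case "$1" in
        ''|[!A-Za-z0-9]*)     return 1 ;;
        *[!A-Za-z0-9._+@-]*)  return 1 ;;
    esac
    return 0
}

# Build a fixed argv for an allowlisted manager and append the name as ONE
# argument. Nothing from the manifest is ever re-parsed by a shell.
install_pkg() {
    mgr=$1; pkg=$2
    is_safe_pkg_name "$pkg" || { echo "rejected package: $pkg" >&2; return 2; }
    case "$mgr" in
        apt)  set -- sudo apt-get install -y "$pkg" ;;
        pip)  set -- python3 -m pip install "$pkg" ;;
        npm)  set -- npm install -g "$pkg" ;;
        brew) set -- brew install "$pkg" ;;
        *)    echo "rejected manager: $mgr" >&2; return 3 ;;
    esac
    # Dry run by default: print the plan so the user can confirm first.
    if [ "${DRY_RUN:-1}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Read "manager package" lines from stdin; return 1 if any entry was rejected.
plan_from_manifest() {
    rc=0
    while read -r m p; do
        [ -n "$m" ] || continue
        install_pkg "$m" "$p" || rc=1
    done
    return "$rc"
}

# Constructed manifest: two benign entries and four that must be refused.
SAMPLE_MANIFEST='apt jq
pip requests
apt curl; echo INJECTED
npm $(id)
brew -v
sh evil'

printf '%s\n' "$SAMPLE_MANIFEST" | plan_from_manifest || echo "entries rejected" >&2
```

Version pins such as `requests==2.31.0` are refused by this character set on purpose; widen it only for syntax you have decided to accept.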
Capability assessment
Purpose & Capability
The name/description (portable vault, sync of knowledge/packages/memory) matches what the scripts and server code implement. Required binaries listed in SKILL.md (curl, git, openssl, ssh-keygen, python3, rsync, tar, fswatch optional) are reasonable for the stated functionality and are used by the included bash scripts. The repo also contains a cloud backend implementation (Node/Cloudflare Worker), which aligns with the 'ClawRoam Cloud' managed provider mentioned in the docs.
Instruction Scope
Runtime instructions direct the agent to run local scripts (clawroam.sh, sync-engine.sh, migrate.sh, track-packages.sh) and to contact the declared cloud endpoint only when the 'cloud' provider is used. The skill will read OpenClaw workspace files (USER.md, MEMORY.md) when initializing — this is expected. There is an opt-in path for syncing sensitive things (credentials/ channel auth, openclaw config) and SKILL.md shows sensible defaults (config/soul/identity sync disabled). Verify you understand and control any opt-in steps, because those are the only paths that would transmit channel or credential material off-device.
Install Mechanism
No install spec is provided (instruction-only), so nothing is automatically downloaded or executed outside the included repository. The project contains source code and scripts that run directly. This is a lower-risk install model than an arbitrary remote download, but you must still inspect and trust the bundled scripts before running them.
Credentials
As packaged for clients, the skill requires no environment variables and does not request unrelated credentials. The cloud backend code (in cloud-api/ and cloud-api-worker/) does expect server-side env vars if you deploy it yourself (DATABASE_URL, STRIPE_SECRET_KEY, S3 or R2 credentials, etc.) — those are server-side deployment needs and do not imply the client will ask for or transmit your system credentials. That said, the skill supports an opt-in sync of 'credentials/' and 'openclaw config.json' (which can contain channel tokens); syncing those would transmit highly sensitive data (even if encrypted).
Persistence & Privilege
The skill does not request always:true and defaults are reasonable. Model invocation is not disabled (default), which is normal for skills. The scripts create a per-user vault at ~/.clawroam and an Ed25519 keypair stored locally; nothing in the package attempts to modify other skills or system-wide agent settings. Autonomous invocation plus network access means the skill could perform syncs automatically — but SKILL.md shows sensible defaults that avoid syncing private 'soul' and identity files unless explicitly opted in.
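How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the chat box: /install clawroam
  3. Once installation finishes, call the skill by name or trigger it with /clawroam.
  4. Provide the required inputs as described in the skill's parameter notes to get structured output.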
Version history
v3.0.1
Patch release with minor fixes and improvements.
  • Updated version to 3.0.1 in SKILL.md
  • Small content/format changes in SKILL.md for clarity and consistency
  • Internal script and code adjustments in clawroam.sh and cloud-api-worker/src/index.ts (details not specified)
v3.0.0
ClawRoam 3.0.0 is a major release with enhanced requirements, network transparency, and future sync features.
  • Added required and optional tool dependencies, including details on degraded behavior without optional tools.
  • Declared specific network usage and data sharing for ClawRoam Cloud provider in the skill definition.
  • Expanded skill capabilities to include 'network' among available tools.
  • Added two planning documents for file sync rules and future design.
  • Updated architecture documentation and clarified behavior regarding privacy and cloud interactions.
v2.0.0
ClawRoam 2.0.0 — Major update introducing a portable, encrypted, multi-provider identity vault with auto-sync for OpenClaw agents.
  • Seamless, encrypted sync of agent identity, knowledge, projects, and packages across machines; like iCloud for AI agents, with version history and rollback.
  • Users can store vaults using their choice of provider: ClawRoam Cloud, Google Drive, Dropbox, FTP/SFTP, Git, S3, WebDAV, or local storage (BYOS).
  • Automatic profile management allows different machines to maintain separate, restorable environments and knowledge bases.
  • SOUL.md and IDENTITY.md never sync by default, preserving local privacy.
  • Rich command set for setup, daily sync, migration, profile management, key handling, and package operations.
  • Transparent, usage-based pricing for ClawRoam Cloud: first 50 MB free, then $0.005/MB/month. All core features remain free with user-provided storage.
Metadata
Slug: clawroam
Version: 3.0.1
License
Total installs: 0
Current installs: 0
Versions: 3
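Frequently asked questions

What is ClawRoam?

Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 551 total downloads so far.

How do I install ClawRoam?

Run the command "/install clawroam" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is ClawRoam free?

Yes, ClawRoam is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does ClawRoam support?

ClawRoam runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who develops ClawRoam?

It is developed and maintained by getlighty (@getlighty); the current version is v3.0.1.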
