← 返回 Skills 市场
242
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install daily-backup
功能描述
每日 Git 备份。提交工作区所有变更,记录变更摘要。触发时机:cron 定时任务或手动调用。
使用说明 (SKILL.md)
Daily Backup
每日 Git 全量备份,记录变更摘要。
核心流程
- 读取 references/spec.md 获取详细规范
- 运行
scripts/auto-backup.sh - 检查是否有新提交
- 读取变更统计
- 生成报告并发送
触发时机
- cron 定时任务(建议每日)
- 用户明确要求时
投递规则(必须)
完成报告后,通过消息工具发送。
- 渠道:feishu
- 目标:\x3C飞书群ID或用户ID> 如果报告超过 3800 字符,分成多条消息发送。 每条消息必须语义完整(不断开 URL 或格式)。 如果发送失败,重试一次。如果仍然失败,输出错误——永远不要静默退出。
输出
- 报告位置:
data/exec-logs/daily-backup/YYYY-MM-DD.md - 消息推送到飞书群
安全使用建议
Do not install or enable this skill until the missing pieces are clarified and reviewed. Specifically:
- Ask the author to provide scripts/auto-backup.sh and any other referenced scripts; review their contents line-by-line before execution. The script could run arbitrary shell commands.
- Require the skill manifest to declare required binaries (e.g., git) and any environment variables it needs (Feishu webhook or token, git remote credentials). Do not supply high-privilege or broadly-scoped credentials without justification.
- Confirm whether the backup will push to a remote repository and, if so, where (remote URL) and how authentication is handled. Avoid giving long-lived credentials; prefer a dedicated deploy key or webhook with least privilege.
- Because the instructions commit 'all workspace changes', audit the repository for secrets and consider running in an isolated environment or CI runner with limited access.
- Prefer Feishu webhooks (read-only inbound) over embedding tokens; insist the skill declare exactly how it will authenticate and which Feishu endpoint it will use.
- If you must test, do so in a throwaway repository/VM with no sensitive data and with network access restricted. If the author cannot provide the missing script or clear credential requirements, treat the skill as unsafe.
功能分析
Type: OpenClaw Skill
Name: daily-backup
Version: 1.0.1
The skill bundle is classified as suspicious because it requires high-risk capabilities, specifically shell script execution (scripts/auto-backup.sh) and network communication to an external Feishu endpoint. While the instructions in SKILL.md and references/spec.md describe a legitimate backup workflow, the actual shell script content is missing from the bundle, and the automated reporting mechanism could be leveraged for data exfiltration if the underlying script is designed to collect sensitive information.
能力评估
Purpose & Capability
The description promises a 'daily Git backup' that commits workspace changes and posts reports to Feishu. However, the skill does not declare required binaries (git), any environment variables or credentials for Feishu, nor the scripts it expects to run. Requiring arbitrary commit operations and remote messaging without declaring the need for git and Feishu credentials is inconsistent with the stated purpose.
Instruction Scope
SKILL.md directs the agent to run scripts/auto-backup.sh (not included) and to '提交工作区所有变更' (commit the entire workspace). Running a non-included shell script could execute arbitrary commands and the commit-all behavior risks staging secrets. The instructions also require sending reports to Feishu and strictly mandate retry/never-silent-fail behavior, but do not specify how to authenticate or which API/hook to use.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes direct disk writes from the skill itself. The remaining risk comes from the external shell script it intends to run (which is not bundled).
Credentials
The skill expects to post messages to Feishu and operate Git but declares no required environment variables or credentials (Feishu tokens/webhook, git credentials, remote repo auth). Absence of declared secrets is a mismatch: posting to an external chat and pushing to remote repos generally require credentials and those should be made explicit and limited.
Persistence & Privilege
always is false and the skill has no install-time persistence. It will run only when invoked (or by autonomous model invocation, which is the platform default). There is no evidence it modifies other skills or global agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install daily-backup - 安装完成后,直接呼叫该 Skill 的名称或使用
/daily-backup触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- 更新了飞书推送目标的占位符说明,将具体 ID 替换为 "<飞书群ID或用户ID>"
- 其他内容与 1.0.0 版本保持一致
v1.0.0
Initial release of daily-backup.
- Automates daily Git backups, committing all workspace changes and summarizing differences.
- Can be triggered by a cron job or manual invocation.
- Generates detailed change reports, posted to Feishu group.
- Handles report delivery: splits long reports, ensures semantic completeness, and retries on failure.
- Stores backup logs by date for easy reference.
元数据
常见问题
Daily Backup 是什么?
每日 Git 备份。提交工作区所有变更,记录变更摘要。触发时机:cron 定时任务或手动调用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 242 次。
如何安装 Daily Backup?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install daily-backup」即可一键安装,无需额外配置。
Daily Backup 是免费的吗?
是的,Daily Backup 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Daily Backup 支持哪些平台?
Daily Backup 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Daily Backup?
由 AxelHu(@axelhu)开发并维护,当前版本 v1.0.1。
推荐 Skills