ClawRoam

By getlighty · GitHub ↗ · v2.1.1
cross-platform ⚠ suspicious
Total downloads: 571
Favorites: 0
Current installs: 0
Versions: 3
Install in OpenClaw
/install getlighty-clawroam
Description
Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto...
Usage (SKILL.md)

ClawRoam — Portable Agent Environment

You are an OpenClaw agent with the clawroam skill installed. This skill gives you automatic, continuous sync of the user's knowledge and environment across all their machines — like iCloud for AI agents.

Architecture

ClawRoam works like a combination of iCloud and Git:

  • Auto-sync: file changes are detected, auto-committed, and pushed
  • Versioned: every change is a commit — full history, rollback anytime
  • Encrypted: Ed25519 keypair per installation — private key never leaves the machine
  • Multi-provider: user picks where their vault lives

Providers

  Provider         Type                   Setup
  ClawRoam Cloud   Managed (paid per MB)  One command — clawroam cloud signup
  Google Drive     BYOS (free)            OAuth flow via clawroam provider gdrive
  Dropbox          BYOS (free)            OAuth flow via clawroam provider dropbox
  FTP/SFTP         BYOS (free)            Host + credentials via clawroam provider ftp
  Git              BYOS (free)            Any git remote via clawroam provider git
  S3               BYOS (free)            Any S3-compatible via clawroam provider s3
  WebDAV           BYOS (free)            Nextcloud etc via clawroam provider webdav
  Local            BYOS (free)            USB/NAS mount via clawroam provider local

"BYOS" = Bring Your Own Storage. Free forever. ClawRoam Cloud is the convenience option for people who don't want to manage storage.

What Syncs

ALWAYS SYNCED (shared knowledge pool):
  identity/USER.md          Who you are
  knowledge/MEMORY.md       Long-term memory
  knowledge/projects/       Project context
  requirements.yaml         System packages
  skills-manifest.yaml      Installed skills list

NEVER AUTO-SYNCED (per-instance):
  local/SOUL.md             This agent's personality
  local/IDENTITY.md         This agent's identity
  local/config-override     Local config tweaks

OPT-IN SYNC:
  openclaw config.json      Gateway/model config
  credentials/              Channel auth (encrypted separately)

Commands

When the user asks about vault operations, use these:

First-Time Setup

  • "set up clawroam" → clawroam.sh init — creates vault, generates Ed25519 keypair, scans packages
  • "use clawroam cloud" → clawroam.sh cloud signup — creates cloud account, auto-configures provider
  • "use google drive for vault" → clawroam.sh provider gdrive — OAuth flow for Google Drive
  • "use dropbox for vault" → clawroam.sh provider dropbox
  • "use FTP for vault" → clawroam.sh provider ftp — asks for host, port, credentials

Daily Use (mostly invisible)

  • "sync status" → clawroam.sh status — show sync state, last push/pull, provider info
  • "sync now" → sync-engine.sh push — force immediate sync
  • "show vault history" → sync-engine.sh log — show commit history (like git log)
  • "rollback vault" → sync-engine.sh rollback — revert to previous state
  • "what changed" → sync-engine.sh diff — show pending changes

Packages

  • "scan packages" → track-packages.sh scan
  • "what's different from vault" → track-packages.sh diff
  • "install missing packages" → track-packages.sh install — shows commands, asks before running

Migration

  • "migrate to this machine" / "pull from vault" → migrate.sh pull — interactive restore wizard
  • "push my soul to vault" → migrate.sh push-identity — explicit opt-in only

Profiles

Each machine backs up to its own named profile (default: hostname). Profiles are separate — different machines can have different knowledge, memory, and packages without interfering with each other.

  • "show profile" / "what profile am I on" → clawroam.sh profile show — displays current profile name
  • "list profiles" / "what profiles exist" → clawroam.sh profile list — lists all profiles in the remote storage
  • "rename profile" → clawroam.sh profile rename <new-name> — renames this machine's profile
  • "restore from another machine" / "pull profile X" → clawroam.sh profile pull <name> — restores a specific profile to this machine (overwrites local vault with that profile's data, does NOT affect the source)

Key Management

  • "show my vault key" → keypair.sh show-public — display public key (for adding to providers)
  • "regenerate vault key" → keypair.sh rotate — generates new keypair, re-registers with provider

Behavior Rules

  1. Auto-sync is ON by default after setup — like iCloud. The user should not have to think about syncing. Changes are pushed within 30 seconds.

  2. Never sync SOUL.md or IDENTITY.md without explicit permission.

  3. Always confirm before installing packages. Show the diff, let them pick.

  4. Private key never leaves the machine. It's stored in ~/.clawroam/keys/ with 600 permissions. The public key is registered with the vault provider.

  5. Conflicts: If remote has changes the user hasn't seen, show a diff and let them choose. Auto-merge for non-conflicting changes (like git).

  6. Be transparent about costs. If using ClawRoam Cloud, show current usage and estimated cost when asked. Never surprise the user with charges.

  7. Offline-first. Everything works locally. Sync happens when connectivity is available. Queue changes and push when back online.

  8. Profiles are separate by default. Each machine pushes to its own named profile (default: hostname). Profiles never merge automatically. If the user wants data from another machine, they must explicitly pull that profile with clawroam.sh profile pull <name>.

ClawRoam Cloud Pricing

When users ask about pricing:

  • First 50 MB free — enough for most single-user vaults
  • $0.005/MB/month after that (~$0.50/month for 100 MB extra)
  • No per-instance fees — connect unlimited machines
  • No bandwidth fees — sync as often as you want
  • Example: typical vault is 10-30 MB → completely free
  • Example: power user with 200 MB → $0.75/month
  • Example: team vault with 2 GB → ~$10/month
Security recommendations
What to consider before installing or using ClawRoam:

  • Trust the managed cloud operator: the repository references a specific Cloudflare Workers domain for ClawRoam Cloud. If you choose the managed option, your vault archives (potentially sensitive data) will be uploaded to that remote service. Only use the managed cloud if you trust that operator and understand their privacy/billing terms.
  • BYOS is safer if you want control: you can avoid the managed cloud by configuring Google Drive/Dropbox/S3/Git/Local providers. Review the provider scripts (providers/*.sh) to confirm how credentials/OAuth tokens are stored (they claim to use the system keychain, but verify).
  • Metadata omission: the package registry entry declares no environment variables, but the included backend code expects DB, Stripe, and S3 credentials if deployed. If you plan to deploy the backend yourself, you must supply those secrets and understand their responsibilities.
  • Inspect what will be read/pushed: client scripts will read your OpenClaw workspace and various files under your home directory and will auto-commit and push changes by default after setup. Make sure sensitive files you do not want synchronized are placed under the 'local/' paths (SOUL.md, IDENTITY.md) or excluded in config before enabling auto-sync.
  • Verify cryptography semantics: the design claims the private key never leaves the machine and pushes are signed; inspect keypair.sh and provider scripts to confirm the private key is never transmitted and signatures are performed locally.
  • Start cautiously: initialize locally first (do not run cloud signup), inspect generated ~/.clawroam contents and provider config, and test push/pull with BYOS or a disposable remote before committing real data to any managed service.
Analysis
Type: OpenClaw Skill Name: getlighty-clawroam Version: 2.1.1 The OpenClaw AgentSkills skill bundle is classified as suspicious due to several significant vulnerabilities, although there is no clear evidence of intentional malice. The most critical issue is a potential shell injection vulnerability in `track-packages.sh` where `eval "$cmd"` is used to install packages, making it susceptible to arbitrary command execution if package names contain shell metacharacters. Additionally, multiple `providers/*.sh` scripts (e.g., `dropbox.sh`, `gdrive.sh`) use `curl ... | bash` to install `rclone`, posing a supply chain risk for remote code execution if `rclone.org` or the download is compromised. The `providers/ftp.sh` script also disables `StrictHostKeyChecking` for SSH, creating a Man-in-the-Middle (MITM) vulnerability.
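The `eval "$cmd"` finding above comes down to a package name from a synced file being re-parsed as shell syntax. The sketch below is an added example, not code from the ClawRoam repository (whose `track-packages.sh` is not shown on this page): it validates the name and runs a fixed argv instead of a string. The function names, the `DRY_RUN` switch and the manager-to-command mapping are assumptions.

```sh
#!/bin/sh
# Added example, not ClawRoam code. Function names, DRY_RUN and the
# manager-to-command mapping are assumptions made for illustration.

# Allow only conservative package-name characters. Reject empty names,
# names starting with '-' (would be parsed as an option) and anything
# containing shell metacharacters, whitespace or path separators.
valid_pkg_name() {
    case "$1" in
        ''|-*) return 1 ;;
        *[!A-Za-z0-9._+-]*) return 1 ;;
    esac
    return 0
}

# $1 = package manager, $2 = package name (untrusted: read from a synced file).
install_pkg() {
    mgr=$1
    pkg=$2
    valid_pkg_name "$pkg" || { echo "rejected name: $pkg" >&2; return 2; }
    # Fixed allowlist of commands; the name is only ever one argv element.
    case "$mgr" in
        apt) set -- apt-get install -y "$pkg" ;;
        pip) set -- python3 -m pip install "$pkg" ;;
        npm) set -- npm install -g "$pkg" ;;
        *)   echo "unknown manager: $mgr" >&2; return 2 ;;
    esac
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf '%s\n' "$*"   # show what would run; nothing is executed
    else
        "$@"                 # run argv directly: no eval, no second parse
    fi
}

# Constructed sample entries ("manager name"); the last one is hostile.
for entry in 'apt ripgrep' 'pip requests' 'apt jq;id'; do
    install_pkg "${entry%% *}" "${entry#* }" || echo "skipped: $entry"
done
```

With `DRY_RUN` left at its default the script only prints the commands it would run, which also fits the skill's stated rule of confirming with the user before installing.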
Capability assessment
Purpose & Capability
Name/description promise: a portable encrypted vault that can use BYOS or a managed ClawRoam Cloud. The repository contains matching client-side bash scripts (sync engine, providers, keypair management) so client behavior aligns. However, registry metadata lists no required environment variables while the included cloud backend code (cloud-api/ and cloud-api-worker/) expects server-side secrets (DATABASE_URL, STRIPE_SECRET_KEY, S3_* envs, etc.). The skill bundle therefore mixes a client-only runtime with a deployable backend without declaring those server-side credentials — an inconsistency that makes intent and deployment responsibilities unclear.
Instruction Scope
SKILL.md instructs the agent (via exec/file tools) to run many local scripts that: scan package managers, read/copy files from detected OpenClaw workspace, generate/rotate Ed25519 keypairs, initialize a local git repo, watch and auto-commit local files, and invoke provider scripts that perform OAuth flows or upload/download archives. These actions legitimately belong to a sync vault, but they also grant the skill access to a broad set of user files (USER.md, MEMORY.md, packages lists, openclaw dir) and can push compressed archives to remote providers. The README/CLAUDE.md also point to a specific live Cloudflare Workers domain (clawroam-api.ovisoftblue.workers.dev) — a hard-coded external endpoint not highlighted as a required/third-party endpoint in the skill metadata.
Install Mechanism
There is no installer that downloads arbitrary remote code; the skill is instruction-first and ships local bash scripts and optional Node.js backend sources. Client-side scripts are pure bash (no remote downloads by default). The cloud backend is Node/Cloudflare code included in the repository (requires npm/wrangler to deploy) — that is fine as source, but deploying it requires server secrets (not declared). No suspicious external download URLs or extract steps are present in the skill metadata.
Credentials
Registry metadata declared no required env vars, but the included cloud backend and storage layer clearly expect many environment values (DATABASE_URL, STRIPE_SECRET_KEY, STRIPE_PRICE_ID, S3_ENDPOINT/ACCESS_KEY/SECRET_KEY/Bucket, STORAGE_PATH, PORT, etc.). Provider scripts likely require credentials for rclone/remote providers or S3, and the skill's runtime will prompt for OAuth or credentials if you select a provider. The lack of declared environment requirements is therefore misleading and undercounts sensitive configuration that may be supplied or stored when using the managed cloud or deploying the backend.
Persistence & Privilege
The skill is not force-installed (always:false) and can be invoked by the user. It creates persistent data in ~/.clawroam, generates/stores an Ed25519 private key locally (permissions claimed 600), and can run an auto-sync daemon (on by default after setup). Continuous background sync is expected for a vault but increases blast radius if a remote provider is untrusted or misconfigured. The skill does not request to modify other skills or system-wide agent settings in the code reviewed.
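How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install getlighty-clawroam
  3. Once installed, call the Skill by name or trigger it with /getlighty-clawroam
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history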
v2.1.1
Version 2.1.1
  • Updated SKILL.md to reflect the new version number (2.1.1).
  • No functionality or behavioral changes; documentation update only.
v2.1.0
ClawRoam 2.1.0 introduces file sync rules design documentation and system updates.
  • Added design documents for upcoming file sync rules (docs/plans/2026-02-23-file-sync-rules-design.md and docs/plans/2026-02-23-file-sync-rules.md).
  • Updated schema, provider scripts, dashboard, and core sync logic to prepare for new file sync rule features.
  • Version incremented to 2.1.0 for visibility of planned enhancements.
  • Minor metadata update in SKILL.md.
v2.0.0
ClawRoam 2.0.0 — major upgrade: portable, encrypted identity vault with multi-provider sync
  • Adds automatic, continuous sync of agent identity, knowledge, and installed packages across machines (iCloud-style)
  • Supports a range of storage providers: ClawRoam Cloud, Google Drive, Dropbox, FTP, Git, S3, WebDAV, or local storage
  • Provides versioned, encrypted history with rollbacks and profile-based separation for each machine
  • Ensures sensitive local personality/identity files never auto-sync without explicit permission
  • Includes migration, package diff/restore, multi-profile management, and cost transparency features
Metadata
Slug getlighty-clawroam
Version 2.1.1
License
Total installs 0
Current installs 0
Version count 3
FAQ

What is ClawRoam?

Portable identity vault for OpenClaw. Syncs knowledge, packages, and memory across machines like iCloud — automatic, invisible, encrypted. Bring your own sto... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 571 total downloads so far.

How do I install ClawRoam?

Run the command "/install getlighty-clawroam" in the OpenClaw or Claude Code chat box for a one-step install; no extra configuration is needed.

Is ClawRoam free?

Yes, ClawRoam is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does ClawRoam support?

ClawRoam runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed ClawRoam?

It is developed and maintained by getlighty (@getlighty); the current version is v2.1.1.
