← 返回 Skills 市场
solidexu

git-backup

作者 solidexu · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
385
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install git-backup-publish
功能描述
Backup OpenClaw workspace files (docs, memory, skills) to a private Git repo (Gitee/GitHub/GitLab) for data safety and migration.
使用说明 (SKILL.md)

Git Backup

Backup OpenClaw agent workspace to Git repository for data safety and migration capability.

Author: 徐琛 ([email protected])
License: Apache 2.0

⚠️ 使用前必读

使用此技能前,你需要准备:

信息 如何获取
Git 平台 Token Gitee: https://gitee.com/profile/personal_access_tokens\x3Cbr>GitHub: https://github.com/settings/tokens\x3Cbr>GitLab: https://gitlab.com/-/profile/personal_access_tokens
Git 用户名 你的 Git 平台用户名
Agent 名称 你的 agent 标识符(用于仓库命名)

Token 权限要求:

  • projects / repo - 创建和管理仓库
  • user_info / read:user - 读取用户信息

Quick Start

1. 创建仓库

# Gitee
curl -X POST "https://gitee.com/api/v5/user/repos" \
  -H "Content-Type: application/json" \
  -d '{
    "access_token": "YOUR_TOKEN",
    "name": "openclaw-agent-YOUR_AGENT_NAME",
    "description": "OpenClaw Agent Backup",
    "private": true,
    "auto_init": true
  }'

# GitHub (使用 gh cli)
gh repo create openclaw-agent-YOUR_AGENT_NAME --private --description "OpenClaw Agent Backup"

2. 执行备份

export GITEE_TOKEN="your_token_here"
export GITEE_REPO="https://gitee.com/YOUR_USERNAME/openclaw-agent-YOUR_AGENT_NAME.git"
export AGENT_NAME="your_agent_name"

./scripts/backup-to-gitee.sh "Backup message"

3. 配置自动备份(可选)

在你的 HEARTBEAT.md 中添加:

### 文件变更检测与备份
- 检查核心文件变更时自动备份
- 脚本: /path/to/git-backup/scripts/watch-and-backup.sh

备份内容

类型 文件
核心文档 AGENTS.md, SOUL.md, IDENTITY.md, USER.md, MEMORY.md, TOOLS.md, HEARTBEAT.md
记忆 memory/ 目录
技能 skills/ 目录

不备份: 数据库、任务脚本、临时文件、.env、密钥等

脚本说明

脚本 用途
setup-gitee.sh 初始化配置(创建仓库、保存配置)
backup-to-gitee.sh 执行备份
create-repo.sh 快速创建仓库工具
watch-and-backup.sh 文件变更监控(用于心跳检测)

环境变量

变量 必需 说明
GITEE_TOKEN Git 平台的 Personal Access Token
GITEE_REPO 仓库 URL
AGENT_NAME Agent 标识符
WORKSPACE_DIR 工作区路径,默认 ~/.openclaw/workspace

安全提示

  1. 不要将 Token 提交到公开仓库
  2. 使用环境变量或配置文件存储敏感信息
  3. 定期轮换 Token
  4. 使用私有仓库备份敏感数据

支持的平台

  • ✅ Gitee(默认)
  • ✅ GitHub(修改 API 端点即可)
  • ✅ GitLab(修改 API 端点即可)
  • ✅ 自建 Git 服务器
安全使用建议
This skill appears to do what it says (backup selected OpenClaw workspace files to a git repo), but there are important cautions: (1) registry metadata incorrectly omits required environment variables—expect to provide a personal access token (GITEE_TOKEN), repo URL (GITEE_REPO), and AGENT_NAME before use; (2) the scripts embed tokens into HTTPS URLs for git clone/push which can expose tokens (process lists, git config) — prefer using git credential helpers, deploy keys, or configuring remotes without embedding tokens; (3) avoid placing tokens inline in cron entries or plaintext files; instead export them from a secure source or use a credential manager; (4) review the scripts yourself (they are plain shell) and test in an isolated account/repo with minimal token scopes (only repo/project create/push as needed) and rotate the token afterward. If you need, ask for a version that uses SSH deploy keys or a credential helper instead of embedding tokens in URLs, and request the registry metadata be corrected to list the required env vars/primary credential.
功能分析
Type: OpenClaw Skill Name: git-backup-publish Version: 1.0.0 The skill provides legitimate workspace backup functionality to Git platforms but contains security vulnerabilities and high-risk patterns. Specifically, `create-repo.sh` and `setup-gitee.sh` are vulnerable to JSON injection because they concatenate shell variables directly into `curl` POST data without sanitization. Additionally, `backup-to-gitee.sh` constructs an authenticated Git URL by embedding the `GITEE_TOKEN` directly into the string, a practice that can leak sensitive credentials through process lists or logs. While the script includes a `.gitignore` to prevent backing up some secrets, the combination of broad file access and unhardened credential handling warrants a suspicious classification.
能力评估
Purpose & Capability
Name/description and the included scripts (create-repo, setup, backup, watcher) are coherent: they create a repo and push selected workspace files. However the registry metadata declared no required environment variables or primary credential while the SKILL.md and scripts clearly require GITEE_TOKEN, GITEE_REPO, and AGENT_NAME. That mismatch is unexplained and worth caution.
Instruction Scope
SKILL.md and scripts limit backups to specific files/dirs and explicitly exclude .env/keys, which is good. But instructions/examples encourage practices that risk credential exposure: embedding personal access tokens into HTTPS clone URLs (AUTH_REPO), and showing an example cron entry that includes GITEE_TOKEN inline. The watcher/daemon and scripts write logs and PID/state files to /tmp and the workspace; they also run network calls to Git hosting APIs. These behaviors are within the backup purpose but include concrete steps that can leak secrets if used as-is.
Install Mechanism
Instruction-only skill with shell scripts; no install spec or external downloads. This has lower install-time risk because nothing is automatically fetched from arbitrary URLs. The included scripts are plain shell and self-contained.
Credentials
The skill requires a personal access token with repo/projects scope, but the registry metadata lists no required env vars or primary credential—an inconsistency. The number and type of secrets requested (GITEE_TOKEN/GITEE_REPO/AGENT_NAME) are reasonable for a backup skill, but how the token is used (embedded in URLs, suggested inline in cron) increases exposure risk beyond what is necessary.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It provides a watcher/daemon and cron examples for persistent backups, which is reasonable for the function. It does not attempt to modify other skills or system-wide agent settings in the provided scripts.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install git-backup-publish
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /git-backup-publish 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
首次发布:支持 Gitee/GitHub/GitLab 工作区备份
元数据
Slug git-backup-publish
版本 1.0.0
许可证
累计安装 1
当前安装数 1
历史版本数 1
常见问题

git-backup 是什么?

Backup OpenClaw workspace files (docs, memory, skills) to a private Git repo (Gitee/GitHub/GitLab) for data safety and migration. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 385 次。

如何安装 git-backup?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install git-backup-publish」即可一键安装,无需额外配置。

git-backup 是免费的吗?

是的,git-backup 完全免费(开源免费),可自由下载、安装和使用。

git-backup 支持哪些平台?

git-backup 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 git-backup?

由 solidexu(@solidexu)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论