← 返回 Skills 市场

openclaw-backup-restore

Name: openclaw-backup-restore
Author: brunovu20

作者 Bruno · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install home-dir-backup-restore

功能描述

Backup or restore your entire OpenClaw setup including config, agents, skills, credentials, and workspace as a timestamped portable .tar.gz archive.

使用说明 (SKILL.md)

OpenClaw Backup & Restore Skill

Snapshot and migrate your complete OpenClaw setup — config, agents, flows, skills, credentials, memory, and workspace — as a single portable archive.

What this skill does

Backup: Archives the entire ~/.openclaw/ directory into a timestamped .tar.gz (or .tar.gz.gpg if encrypted) — no files excluded.
Restore: Extracts an archive back into ~/.openclaw/, preserving directory structure and permissions, so OpenClaw works immediately after extraction.
List: Shows available backup archives in the configured output directory.
Verify: Validates a backup archive's integrity before restore.

Use this skill when the user says:

"backup my openclaw setup"
"migrate openclaw to my new machine"
"snapshot my openclaw config"
"restore openclaw from backup"
"what backups do I have?"

What is backed up

The entire ~/.openclaw directory — every file and subdirectory — is included in the archive. No exclusions. The restored machine gets an exact copy of the original, and OpenClaw works immediately without any missing configuration, credentials, skills, or state.

See references/paths.md for details on sensitive paths and restore-time permissions.

Workflow

Backup

Resolve the OpenClaw home directory (OPENCLAW_HOME, defaults to ~/.openclaw).
Resolve the output directory (BACKUP_DIR, defaults to ~/openclaw-backups).
Archive the full ~/.openclaw directory into a timestamped .tar.gz.
Optionally encrypt with GPG: --encrypt flag or BACKUP_GPG_RECIPIENT env var.
Print the archive path and size.

Restore

Validate the archive (non-empty, valid gzip, no path traversal).
Warn if ~/.openclaw already exists and prompt for confirmation (or use --force).
Optionally decrypt if .gpg extension detected.
Extract to ~/.openclaw/ with --strip-components=0.
Fix permissions on sensitive files (credentials/, secrets/, identity/).
Print a summary of restored paths.

List

Print all .tar.gz and .tar.gz.gpg files in BACKUP_DIR with size and date.

Verify

Run gzip -t on the archive and list its top-level contents without extracting.

Scripts

Script	Purpose
`scripts/backup.sh`	Create a backup archive
`scripts/restore.sh`	Restore from a backup archive

Usage examples

# Create a backup in ~/openclaw-backups/
bash scripts/backup.sh

# Backup to a custom directory
bash scripts/backup.sh --output /Volumes/USB/backups

# Backup with GPG encryption
bash scripts/backup.sh --encrypt [email protected]

# List available backups
bash scripts/backup.sh --list

# Verify a backup without restoring
bash scripts/restore.sh --verify openclaw-backup-2026-05-24_120000.tar.gz

# Restore (will prompt before overwriting)
bash scripts/restore.sh openclaw-backup-2026-05-24_120000.tar.gz

# Restore without confirmation prompt
bash scripts/restore.sh --force openclaw-backup-2026-05-24_120000.tar.gz

# Restore to a custom openclaw home
bash scripts/restore.sh --home /opt/openclaw openclaw-backup-2026-05-24_120000.tar.gz

Migration workflow (old machine → new machine)

On the old machine: run bash scripts/backup.sh — copy the .tar.gz to the new machine.
On the new machine: install OpenClaw binary, then run bash scripts/restore.sh \x3Carchive>.
OpenClaw will start with your full config, agents, skills, credentials, and workspace intact.

Security notes

credentials/ and secrets/ contain sensitive API keys. Keep backups in a secure location.
Use --encrypt with a GPG key for backups stored in cloud storage or on shared drives.
The restore script sets chmod 700 on sensitive directories automatically.

Guardrails

Never extract archives with path components that escape ~/.openclaw/ (path traversal check).
Always show the archive size and file count after backup so the user can sanity-check completeness.
If OpenClaw is running during backup, warn the user — SQLite databases may be in a dirty state.
Do not backup identity/device-auth.json without informing the user it contains auth tokens.

安全使用建议

Install only if you intentionally want a full-fidelity backup that includes secrets and login/session material. Use GPG encryption for every backup before moving it off the machine, avoid unencrypted cloud or removable-media storage, restrict file permissions, and rotate credentials if an archive may have been exposed.

能力评估

⚠ Purpose & Capability

The backup/restore purpose is coherent, but the capability captures the entire ~/.openclaw tree, including credentials, secrets, identity tokens, memory, and workspace; README also claims some transient data is excluded while the script performs an unrestricted tar of the directory.

⚠ Instruction Scope

Actions are user-directed, but default backups are unencrypted .tar.gz files and migration guidance mentions USB, cloud, or SCP transfer without requiring encryption; SKILL.md says users should be informed before backing up identity/device-auth.json, but backup.sh does not give that specific warning.

✓ Install Mechanism

No suspicious install-time behavior was found; the only declared install helper is optional gnupg for encryption, and static scan reported clean with no VirusTotal telemetry supplied.

⚠ Credentials

Full access to ~/.openclaw is purpose-aligned for exact migration, but it is high-impact because it bundles reusable credentials and private workspace state into a portable file with encryption only optional.

⚠ Persistence & Privilege

The scripts do not add a daemon or seek elevated privileges, but backups extend session persistence beyond the original machine, and restore can replace an OpenClaw home after a prompt or with --force while preserving the old directory.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install home-dir-backup-restore
安装完成后，直接呼叫该 Skill 的名称或使用 /home-dir-backup-restore 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of portable backup and restore for OpenClaw installations. - Backs up the entire `~/.openclaw` directory into a portable `.tar.gz` (supports GPG encryption). - Restores archives safely, preserving existing setups with timestamped backups. - Includes scripts to list backups and verify archive integrity. - Ensures all configuration, agents, flows, credentials, skills, and workspace data are included. - Adds guardrails for security (permission fixes, path traversal checks, warnings for sensitive files). - Compatible with macOS and Linux; requires bash, tar, gzip; optional: gpg for encryption.

元数据

Slug home-dir-backup-restore

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题