← 返回 Skills 市场
1271
总下载
1
收藏
14
当前安装
11
版本数
在 OpenClaw 中安装
/install myclaw-backup
功能描述
Backup and restore all OpenClaw configuration, agent memory, skills, and workspace data. Part of the MyClaw.ai (https://myclaw.ai/skills) open skills ecosyst...
安全使用建议
This skill appears to do exactly what it claims (full OpenClaw backup/restore) but it operates on highly sensitive files and offers a built-in HTTP server and cron scheduling — review these points before installing:
- Trust boundary: backups contain bot tokens, API keys, session history and channel credentials. Only install/run on a trusted machine and protect the resulting .tar.gz files.
- HTTP server defaults: serve.sh starts the Node server and binds to 0.0.0.0; although docs warn not to expose it, the default listen address makes it reachable on all interfaces. If you only want local access, modify the server to bind to 127.0.0.1 or run it behind a firewall/reverse proxy with TLS.
- Token handling: serve.sh passes the token on the node command line and environment; command-line arguments can be visible to other local users via ps. Prefer passing the token via a protected environment or modify server.js/serve.sh to read the token from a secured file or prompt.
- Exposure via URL: the UI embeds the token in links (query string). Query strings and logs may leak tokens (reverse proxies, access logs). Avoid sharing these URLs publicly; prefer scp/ssh when migrating between machines.
- Cron changes: schedule.sh modifies the system crontab. Review the cron entry before enabling; use --disable to remove. If you lack admin consent, do not enable scheduling.
- Restore safety: follow the skill advice — always run restores with --dry-run first. The restore scripts prompt for confirmation when not dry-run but the server can auto-confirm (echo 'yes' | restore) when invoked via the local restore endpoint; ensure only trusted local users can invoke that endpoint.
- Audit and harden: inspect server.js, backup.sh, restore.sh yourself before using. Consider hardening: restrict server.listen to localhost, drop token from argv, enable TLS or run behind SSH tunnel, and ensure backup files have strict permissions and are transferred using scp/sftp.
If you want to proceed: run backups locally first, inspect archives, test restore with --dry-run, and avoid starting the HTTP server on a machine exposed to untrusted networks. If you cannot review/modify code yourself, treat this as a high-trust skill and consider alternative migration methods (scp of archive) instead of enabling the built-in HTTP server.
功能分析
Type: OpenClaw Skill
Name: myclaw-backup
Version: 2.0.0
The 'myclaw-backup' skill provides functionality to archive and restore sensitive OpenClaw data, including API keys, bot tokens, and session history. It utilizes high-risk capabilities such as a network-accessible Node.js HTTP server (server.js), shell execution for backup/restore operations (backup.sh, restore.sh), and crontab modification for persistence (schedule.sh). While the skill includes significant security mitigations—such as mandatory token authentication, localhost-only restrictions for execution endpoints, and path sanitization—the broad access to system secrets and the capability to expose them via a network port align with the provided criteria for a suspicious classification.
能力评估
Purpose & Capability
Name/description, declared required binaries (node, rsync, tar, python3, openclaw), and the provided scripts (backup/restore/schedule/serve + server.js + UI) all align with a backup-and-restore capability for OpenClaw. The files back up and restore ~/.openclaw and related data as described.
Instruction Scope
SKILL.md and the scripts explicitly read and overwrite ~/.openclaw, modify crontab (schedule.sh), and optionally start an HTTP server for upload/download/restore. That behavior matches the stated purpose, but the runtime instructions do grant the skill broad read/write access to highly sensitive local data (bot tokens, API keys, session history) and ability to change system crontab — these are expected for a full backup tool but are high-trust operations and worth caution.
Install Mechanism
No install spec (instruction-only) and all code is bundled in the skill. Nothing is downloaded from untrusted URLs or installed from remote package sources by the skill itself.
Credentials
The skill declares no required environment variables, which is proportionate. However the serve.sh/server.js flow requires the operator to provide a token; serve.sh passes that token on the command line and environment when launching node. Passing secrets on the command line may expose them to other local users (ps output) and is a practical security risk though not inconsistent with the skill's function.
Persistence & Privilege
always:false (no forced global presence). The skill can add a cron entry (schedule.sh) to persist periodic backups — this is intentional for a backup tool but is a persistent change to the system crontab and should be enabled only with operator consent. The HTTP server also listens for network connections (server.listen uses 0.0.0.0), which is a persistent network presence while running.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install myclaw-backup - 安装完成后,直接呼叫该 Skill 的名称或使用
/myclaw-backup触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
Update ecosystem links to myclaw.ai/skills
v1.7.0
Post-restore report: after restore.sh completes, writes .restore-complete.json flag. On next heartbeat Agent detects it, sends restore report to user in their own language (read from USER.md), then deletes the flag (one-shot). Report includes backup name, agent name, restore time, and contents list.
v1.6.2
Security: refactor server.js from 474 to 225 lines — token enforcement and localhost-only checks now appear in first 50 lines, visible before any truncation. HTML UI extracted to ui.html. All security gates at top of file.
v1.6.1
Security: /restore and /backup endpoints are now localhost-only (remote access can only download/upload, not execute). Web UI hides restore button when accessed remotely. schedule.sh explicitly prints crontab entry before adding. SKILL.md has detailed access control table.
v1.6.0
Fix: preserve gateway auth token on restore to new server. Prevents 'gateway token mismatch' error in Control UI / Dashboard after migration. Add --overwrite-gateway-token flag for full disaster recovery.
v1.5.0
Backup filename now includes agent name for easy identification (e.g. openclaw-backup_the-doctor_20260302_143000.tar.gz). Agent name read from IDENTITY.md, fallback to hostname.
v1.4.3
Add clickable MyClaw.ai link at top of skill page body
v1.4.2
Add MyClaw.ai link in skill description
v1.4.1
One-click backup & restore for OpenClaw instances. Part of the [MyClaw.ai](https://myclaw.ai) open skills ecosystem — the AI personal assistant platform that gives every user a full server with complete code control. Backs up workspace, credentials, bot tokens, API keys, agent history. Restore to any new instance with zero re-pairing. | GitHub: https://github.com/LeoYeAI/openclaw-backup
v1.4.0
Security fixes: token now mandatory for HTTP server (refuses to start without it), /health returns minimal read-only info only, restore requires explicit dry-run-first + confirm=1 two-step flow, security headers added, declared all dependencies in metadata.
v1.3.0
Full OpenClaw backup & restore: workspace, credentials, agent history, all channel state. Built-in HTTP server for browser download/upload/restore. No re-pairing after migration. Powered by MyClaw.ai
元数据
常见问题
myclaw-backup 是什么?
Backup and restore all OpenClaw configuration, agent memory, skills, and workspace data. Part of the MyClaw.ai (https://myclaw.ai/skills) open skills ecosyst... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1271 次。
如何安装 myclaw-backup?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install myclaw-backup」即可一键安装,无需额外配置。
myclaw-backup 是免费的吗?
是的,myclaw-backup 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
myclaw-backup 支持哪些平台?
myclaw-backup 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 myclaw-backup?
由 Leo Ye(@leoyeai)开发并维护,当前版本 v2.0.0。
推荐 Skills