← 返回 Skills 市场
484
总下载
1
收藏
1
当前安装
4
版本数
在 OpenClaw 中安装
/install openclaw-backup-restore
功能描述
Backup and restore OpenClaw configuration, agents, sessions, and workspace to/from a private Git repository. Use when the user wants to manually trigger a ba...
安全使用建议
Before installing or running this skill, make sure you: 1) Verify OPENCLAW_BACKUP_REPO is set to a private, access-controlled repository (do not push secrets to a public repo). 2) Confirm you have git, rsync, npm, and the OpenClaw CLI available on the machine; the skill metadata currently does not declare these requirements. 3) Understand that restore runs 'npm install' in any folder with package.json — that can run arbitrary install scripts from code stored in the backup. Consider disabling automatic npm installs (or review package.json files) when restoring. 4) Ensure your SSH/git credentials used for push/pull have appropriate scope and rotate credentials if you suspect exposure. 5) Test the backup/restore flow on a non-production copy first to validate behavior and the rsync/git semantics (watch for nested directory issues). 6) If you plan to proceed, update the skill metadata or documentation to list required binaries and clearly warn about the sensitivity of files under ~/.openclaw. If you want, provide the agent with a read-only or restricted backup repo and review the contents before running npm install or pushing sensitive files.
功能分析
Type: OpenClaw Skill
Name: openclaw-backup-restore
Version: 1.0.3
The skill automates the backup and restoration of the entire OpenClaw environment, including sensitive configuration files, identity keys, and session memory, to a user-defined Git repository. While the scripts (scripts/backup.sh and scripts/restore.sh) are aligned with the stated purpose, they perform high-risk actions such as exfiltrating sensitive data to a remote endpoint and executing 'npm install' on restored files. This poses a significant risk of data exposure or supply chain compromise if the backup repository is not properly secured by the user.
能力评估
Purpose & Capability
The skill's name/description match the included scripts: they back up ${HOME}/.openclaw to a Git repo and can restore it. However, the registry metadata claims no required binaries or envs even though the scripts require git, rsync, npm, and the OpenClaw CLI (openclaw). It also implicitly requires a working SSH/git auth setup for the remote repo. The missing required-tool declarations are an inconsistency.
Instruction Scope
SKILL.md and the scripts stay within the stated purpose (sync .openclaw to/from a Git repo). The restore script runs 'find ... -execdir npm install' which will execute package install scripts in restored directories (a legitimate restore step but a notable execution risk if the backup contains malicious package.json files). The scripts read OpenClaw config and operate on ${HOME}/.openclaw and ${HOME}/openclaw-backup — they will move potentially sensitive runtime/config/identity files to the configured remote, which is expected but requires caution.
Install Mechanism
No install spec (instruction-only) — no external archives are downloaded by the skill itself. The scripts are included in the skill bundle and will be executed by the agent when invoked. This is a low-risk install mechanism in the sense of remote code fetching, but the included scripts will perform network operations (git push/pull, npm install).
Credentials
The skill requests no environment variables in metadata, yet it depends on a user-configured OPENCLAW_BACKUP_REPO value in OpenClaw config and needs access to the user's SSH/git credentials and HOME. The scripts will read/write the entire ${HOME}/.openclaw (including identity/credentials files referenced in SKILL.md), then push them to the configured remote — this is functionally necessary but high-impact, so the omission in metadata and lack of explicit credential requirements is concerning.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or modify other skills. It does, however, read and write the user's OpenClaw runtime data and will perform autonomous git operations when invoked; that autonomy is platform-default and not by itself a flag here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-backup-restore - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-backup-restore触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
Exclude Playwright cache and Python cache files from backup; improve backup cleanliness.
v1.0.2
Translate .gitignore comments to English.
v1.0.1
Improve backup/restore scripts and refresh skill guidance.
v1.0.0
openclaw-backup-restore by git
元数据
常见问题
OpenClaw Backup & Restore 是什么?
Backup and restore OpenClaw configuration, agents, sessions, and workspace to/from a private Git repository. Use when the user wants to manually trigger a ba... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 484 次。
如何安装 OpenClaw Backup & Restore?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-backup-restore」即可一键安装,无需额外配置。
OpenClaw Backup & Restore 是免费的吗?
是的,OpenClaw Backup & Restore 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Backup & Restore 支持哪些平台?
OpenClaw Backup & Restore 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Backup & Restore?
由 DarinRowe(@darinrowe)开发并维护,当前版本 v1.0.3。
推荐 Skills