← 返回 Skills 市场
747
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install restic-home-backup-safe
功能描述
Design, implement, and operate encrypted restic backups for Linux home directories with systemd automation, retention policies, and restore validation. Use w...
安全使用建议
This skill appears to do what it says, but follow these precautions before applying changes: (1) Review scripts/bootstrap_restic_home.sh locally in plan-only mode (run without --apply) to confirm paths/schedules. (2) Ensure restic is installed at /usr/bin/restic (or edit scripts to your restic path). (3) Be aware applying (--apply) writes files under /etc and /usr/local/bin and installs systemd units which will run as root—confirm this matches your security policy. (4) If you intend to use a remote backend (S3/B2/sftp), plan how repository credentials will be provided (the script currently generates/stores a local password file but does not manage cloud credentials). (5) After apply, verify permissions on /etc/restic-home/* (should be 600) and perform the restore smoke test described in the ops checklist. (6) If unsure, run in plan-only mode and manually inspect generated artifacts before using --apply. If you want a more restrictive setup (non-root service user, SELinux/AppArmor constraints, or integration with your secret manager), request those explicit changes before applying.
功能分析
Type: OpenClaw Skill
Name: restic-home-backup-safe
Version: 1.0.0
The skill bundle is designed for a legitimate purpose (restic home backups) and implements strong safety boundaries, notably requiring an explicit `--apply` flag for system changes, as documented in SKILL.md. However, the `scripts/bootstrap_restic_home.sh` script directly uses user-provided inputs like `--user` (for `USER_NAME`) and `--timezone` (for `TIMEZONE`) in path constructions and systemd unit files without explicit sanitization. While the script's intent is benign, this lack of input validation presents a vulnerability that could potentially be exploited via prompt injection against the AI agent, leading to path traversal or command injection if malicious inputs are crafted for these parameters and downstream commands are not sufficiently robust.
能力评估
Purpose & Capability
Name/description (restic home backup with systemd automation) match the included artifacts: SKILL.md describes intended inputs/outputs and safety boundaries, and scripts/bootstrap_restic_home.sh creates env, backup/prune/check scripts and systemd units as advertised.
Instruction Scope
SKILL.md and the bootstrap script stay within backup setup scope. The script is PLAN-ONLY by default and requires --apply to write to /etc, /usr/local/bin, and /etc/systemd/system, and it avoids printing secrets. Note: applying changes requires root privileges and the produced systemd units run without a User= line (will run as root); this is typical for full system backups but is a security decision the operator should review.
Install Mechanism
Instruction-only skill with a local bootstrap script; there is no network download/install step, no external package pulls, and no archives are extracted. Risk from install mechanism is low.
Credentials
The skill requests no external environment variables or credentials. It will create a local password file (/etc/restic-home/password) and an environment file (/etc/restic-home.env) to hold RESTIC_REPOSITORY and RESTIC_PASSWORD_FILE; these are proportional to the task. Operators should note the script may generate a password if none exists and will store it on-disk.
Persistence & Privilege
The skill does not request always:true and does not persist as a continuously running skill. If applied, it writes systemd timer/unit files and scripts into system locations (expected for a backup solution). This grants ongoing system behavior (scheduled backups) but that is coherent with the stated purpose.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install restic-home-backup-safe - 安装完成后,直接呼叫该 Skill 的名称或使用
/restic-home-backup-safe触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Plan-only default, explicit --apply required, optional timer/init/first-backup flags.
元数据
常见问题
Restic Home Backup (Safe Apply Mode) 是什么?
Design, implement, and operate encrypted restic backups for Linux home directories with systemd automation, retention policies, and restore validation. Use w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 747 次。
如何安装 Restic Home Backup (Safe Apply Mode)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install restic-home-backup-safe」即可一键安装,无需额外配置。
Restic Home Backup (Safe Apply Mode) 是免费的吗?
是的,Restic Home Backup (Safe Apply Mode) 完全免费(开源免费),可自由下载、安装和使用。
Restic Home Backup (Safe Apply Mode) 支持哪些平台?
Restic Home Backup (Safe Apply Mode) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Restic Home Backup (Safe Apply Mode)?
由 Moep90(@moep90)开发并维护,当前版本 v1.0.0。
推荐 Skills