ziqi-jin

workspace-backup-github

Author: ziqi · GitHub · v1.3.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 271
Favorites: 0
Current installs: 1
Number of versions: 3
Install in OpenClaw
/install workspace-backup-github
Description
Backup AI Agent workspace to GitHub - One-click backup for OpenClaw, Claude Code, Cursor, and other AI Agent workspaces to a private GitHub repository. Suppo...
Security usage advice
This skill appears to do what it says (push workspace files to a private GitHub repo) but you should be cautious before using it:
- The skill asks for a GitHub personal access token (PAT) with broad 'repo' scope and embeds that token in the git remote URL (https://x-access-token:<TOKEN>@github.com/...). That token will be stored locally in the repo's .git/config and used each time the cron job runs — not in tracked files, but still present on disk and therefore at risk if the machine is compromised. Consider creating a narrowly scoped token or a separate machine account you can revoke easily.
- The SKILL.md claims 'sensitive data are NOT backed up' but there is no secret-scanning or redaction step in the script. Inspect your workspace for credentials, environment files, or keys before backing up. Add explicit exclusions or run a secret-scan (e.g., git-secrets, truffleHog) before the first commit.
- The script hard-codes WORKSPACE_DIR=/root/.openclaw/workspace. Verify this path is correct for your environment and that you understand which account will run the script (cron job). Running as root or with incorrect permissions may expose more data than intended.
- Prefer safer authentication options if possible: use an SSH deploy key, a GitHub App with limited permissions, or a token with the minimum required scopes. Avoid pasting long-lived tokens into third-party services; rotate/revoke tokens immediately if you suspect misuse.
- Test manually first: run the provided script locally with a throwaway repo or account, confirm it doesn't commit secrets, and verify where the token is stored. Only enable scheduled cron after confirming behavior.
If you want, I can: (1) help produce a checklist to inspect your workspace for secrets before backup, (2) suggest a safer deployment pattern (deploy key or restricted token), or (3) produce a modified script that avoids embedding tokens in git remotes (e.g., using git credential helper or SSH keys).
Analysis
Type: OpenClaw Skill
Name: workspace-backup-github
Version: 1.3.0
This skill facilitates backing up the AI workspace to GitHub but exhibits high-risk credential handling and data exposure. It prompts the user for a GitHub Personal Access Token (PAT) with full 'repo' permissions and stores it in plain text within the '.git/config' file by embedding it in the remote URL (scripts/backup.sh). Additionally, while the documentation claims to exclude sensitive info, the backup process includes the 'skills/' and 'memory/' directories, which are highly likely to contain secrets or personal data, increasing the risk of accidental data exfiltration.
Capability assessment
Purpose & Capability
The skill's name and description match the included script and instructions: it backs up a workspace to a GitHub repo. However, SKILL.md asserts 'Sensitive data (API keys, passwords) are NOT backed up' without any implemented mechanism to detect or remove secrets from tracked files. The script simply git-adds listed files and directories; there is no secret-scanning, redaction, or explicit exclusion of potentially sensitive files beyond a short exclusion list. The script also hard-codes WORKSPACE_DIR to /root/.openclaw/workspace, which is a privileged, non-portable path and may not match user environments.
Instruction Scope
The runtime instructions explicitly prompt the user to paste a GitHub token and instruct use of a token with full 'repo' scope. The instructions recommend embedding the token into the git remote URL (and the script constructs https://x-access-token:<TOKEN>@github.com/...), which means the token will exist in the local git config/remote URL and may be exposed locally (in .git/config, process logs, or backups if misconfigured). SKILL.md claims tokens aren't stored in files ('Token is stored in Git remote URL (not in files)') which is misleading: the remote URL is persisted in .git/config. There is no guidance in the skill to avoid committing secrets inside the workspace files themselves, no scanning/removal step, and no alternative safer options (e.g., deploy keys, GitHub App, or SSH key use).
Install Mechanism
This is instruction-only with a small shell script included; there is no installer that downloads or executes remote code. That lowers installation risk. The provided scripts are simple and readable; nothing is being fetched from arbitrary URLs or package registries.
Credentials
The skill does not declare required environment variables in the registry metadata, and it requests the GitHub token interactively at runtime — this is proportionate to the task. However, the requested token scope ('repo' full control of private repositories) is broad and gives the token full repository privileges. The way the token is used (embedded in remote URL) increases the chance of local exposure. The script's use of a hard-coded /root path may also require elevated permissions or assumptions about the runtime account.
Persistence & Privilege
always: false (not force-installed) and the skill uses OpenClaw's cron facility to schedule backups. Using cron to persist scheduled tasks is expected for a backup tool, but it does increase persistence and repeated use of the supplied token. There is no evidence the skill modifies other skills or global agent settings beyond adding a cron job for itself.
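How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install workspace-backup-github
  3. Once installation completes, call the Skill by name or trigger it with /workspace-backup-github
  4. Provide the inputs required by the Skill's parameter description to get structured output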
Version history
v1.3.0
Updated backup commands to include README.md, SYNC.md, .gitignore for complete workspace backup
v1.2.0
Complete English rewrite - now with full English description for global users
v1.1.0
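Supports backing up any AI Agent workspace to GitHub, with manual and automatic modes and an interactive configuration wizard
Metadata
Slug workspace-backup-github
Version 1.3.0
License MIT-0
Total installs 1
Current installs 1
Number of versions 3
FAQ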

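What is workspace-backup-github?

Backup AI Agent workspace to GitHub - One-click backup for OpenClaw, Claude Code, Cursor, and other AI Agent workspaces to a private GitHub repository. Suppo... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 271 total downloads to date.

How do I install workspace-backup-github?

Run the command "/install workspace-backup-github" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is workspace-backup-github free?

Yes, workspace-backup-github is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does workspace-backup-github support?

workspace-backup-github is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed workspace-backup-github?

It is developed and maintained by ziqi (@ziqi-jin); the current version is v1.3.0.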
