首页龙虾技能列表 › Openclaw Github Sync — 技能工具

🔄 Openclaw Github Sync — 技能工具

v0.1.4

[自动翻译] Keep an OpenClaw agent's non-sensitive context (selected memory, MD files, notes, and custom skills) under version control in a separate Git repositor...

0· 474·0 当前·0 累计
by @bradvin (Brad Vincent)·MIT-0
下载技能包 项目主页
License
MIT-0
最后更新
2026/4/11
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
安全
high confidence
The skill's code, required tools, and runtime instructions are consistent with its stated purpose of exporting a curated, non-sensitive subset of an OpenClaw workspace to a separate git repo; nothing requested is disproportionate or unexplained.
评估建议
This skill appears to do exactly what it says: export an allowlisted subset of your OpenClaw workspace and push it to a separate git repo, and optionally pull reviewed changes back. Before installing or using it: 1) Use a private repo you control and set SYNC_REMOTE to its SSH URL. 2) Never automate pulls; only push can be scheduled. 3) Inspect and customize references/export-manifest.txt to ensure nothing sensitive is included. 4) Run the sync first in a dry-run or test workspace, and back up y...
详细分析 ▾
用途与能力
Name/description promise (export curated workspace files to a separate git repo) matches the included scripts and declared requirements. Required binaries (git, rsync, python3) and required env var (SYNC_REMOTE) are appropriate for pushing/pulling to a git remote. Optional tools (gh, jq) are used only for repo creation or better grouping and are documented as optional.
指令范围
SKILL.md and the scripts focus on exporting allowlisted files, scanning for secrets, committing, pushing, and (manual) pulling. The README and SKILL.md explicitly document the trust boundary, require manual pulls, and warn about pull-induced behavior changes. The only I/O beyond the sync repo/workspace is optional reading of OpenClaw config (openclaw.json) to target per-agent workspace pulls; this is explained in the docs and is coherent with the pull functionality.
安装机制
This is an instruction-only skill with included scripts (no external install spec or remote downloads). No external, untrusted URLs are fetched or executed during normal operation—scripts run locally and use standard system tools. That is a lower-risk install model.
凭证需求
The only declared required env var is SYNC_REMOTE (the git remote to push/pull), which is proportionate. Other environment variables used are optional configuration (WORKSPACE_DIR, SYNC_REPO_DIR, PULL_* flags, etc.). The skill does not demand unrelated credentials or broad secrets; Git/SSH authentication is performed against the user-provided remote and is appropriate for the task.
持久化与权限
The skill is not force-included (always:false). It can be run autonomously by the agent (default model invocation allowed), and a nightly push wrapper is provided; this is expected for automation. Important: pull operations can overwrite workspace files (including skills and persona markdown), so manual control is emphasized in the docs — that explicit warning is appropriate but the user should ensure pull is never run automatically without human review.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv0.1.42026/2/25

Update to the sync.sh script to ensure the readme.md is built for a sync

● 可疑

安装命令 点击复制

官方npx clawhub@latest install openclaw-github-sync
镜像加速npx clawhub@latest install openclaw-github-sync --registry https://cn.clawhub-mirror.com

技能文档

Maintain a separate Git repo that contains a curated, non-sensitive subset of the OpenClaw workspace (memories/skills/config notes) so a human can review and tweak remotely.

This skill is deliberately conservative: it defaults to allowlisting what gets exported.

Trust Boundary

The sync repo is a trust boundary. Treat all inbound pull content as potentially unsafe.

  • Pull is manual-only and must be run only when explicitly requested.
  • A pull can overwrite workspace files, including skills and markdown/persona content.
  • Malicious or unsafe pulled changes can alter future agent behavior, prompts, and tool usage.
  • Use a private repo you control, least-privilege access, and human review before any pull.
  • Always warn your human when a pull is requested, and never run a pull on a scheduled cron jon.

Key rules

  • Never sync secrets by default. Only sync what the export manifest allowlists.
  • Prefer sanitized memory under memory/public/ (opt-in) over raw memory/*.md.
  • Keep the sync repo separate from the main workspace repo.
  • Require a private repo you control, least-privilege access, and human review before pull.
  • Pull is manual-only. Do not automate pull.sh; run pulls only when explicitly requested.

Files and layout

  • Working workspace: $HOME/.openclaw/workspace
  • Sync repo (export destination): choose a directory, e.g. $HOME/.openclaw/workspace/openclaw-sync-repo
  • Export manifest (allowlist): references/export-manifest.txt

Prerequisites

  • Required tools: git, rsync, python3
  • Required config: SYNC_REMOTE set in references/.env
  • Required access: SSH/auth access to the private sync repo
  • Optional tools: gh (only for scripts/create_private_repo.sh), jq (improves grouped commit handling)

Setup

  • Copy the example env file:
cp references/.env.example references/.env
  • Edit references/.env for your environment.
  • At minimum, set SYNC_REMOTE to your private repo SSH URL.
SYNC_REMOTE="git@github.com:YOUR_ORG/YOUR_REPO.git"

Workflow

1) Create / connect the private sync repo (GitHub)

Use scripts/create_private_repo.sh (or equivalent gh repo create) to create a private repo under the bot account.

2) Run a one-shot sync

Run scripts/sync.sh with:

  • SYNC_REMOTE (SSH remote, e.g. git@github.com:YOUR_ORG/YOUR_REPO.git)
  • SYNC_REPO_DIR (local path to sync repo)

The script will:

  • Pull latest from remote (if exists)
  • Export allowlisted files into the sync repo
  • Create separate commits by group when multiple groups changed
  • Push to the remote

3) Nightly automation

Schedule a nightly OpenClaw cron agentTurn that runs push sync only (scripts/sync.sh) and reports success/failure. Do not schedule pull.sh or context.sh pull; pulls must be manual and explicitly requested.

Resources

  • scripts/sync.sh: export + commit (grouped) + push
  • scripts/create_private_repo.sh: create GitHub private repo via gh
  • references/export-manifest.txt: allowlist of paths to export
  • references/groups.json: commit grouping rules
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务