Full backup, update, and restore for OpenClaw - config, workspace, and skills with auto-rollback
Security Analysis
High confidence: The skill's code, runtime instructions, and requirements are coherent with its stated purpose (backup, update, restore of an OpenClaw environment); it does access and modify user files, run git pulls, and can schedule cron jobs, so review what it will back up and where it will upload backups before use.
The name/description (backup, update, restore OpenClaw) matches the requested binaries (git, jq, rsync) and the code. Optional behaviors (rclone, gpg, npm/pnpm detection, openclaw CLI integration) are expected for cloud sync, encryption, and updating OpenClaw. There are some leftover legacy/default path fallbacks (clawdbot/clawd) but they do not contradict the stated purpose.
SKILL.md and the scripts explicitly operate on user config and workspace directories (~/.openclaw, workspace, skills), create compressed archives, optionally encrypt and upload them, run git fetch/pull to update skills, and can install a cron job. All of this is within the advertised scope, but these actions will read and archive potentially sensitive files (configs/credentials) and will pull and apply code changes from remote git repositories — the user should confirm backup_paths and remote upload settings before running.
There is no exotic install mechanism: the SKILL.md instructs cloning from a GitHub repository (https://github.com/hopyky/update-plus.git) and creating a symlink under ~/bin. No downloads from shorteners/personal IPs or automated extract-from-untrusted-URLs are present in the packaged files. The skill itself is distributed as shell scripts which will run when invoked.
The skill declares no required environment variables and the scripts get configuration from ~/.openclaw/update-plus.json. Optional settings (GPG recipient, rclone remote, notification target) are sensible for encryption, remote upload, and notifications. It does not request unrelated credentials in the registry metadata; however, the tool will back up any paths you configure — including files containing secrets — so remote-upload credentials (rclone) and GPG recipients must be configured securely if you enable those features.
always:false (no forced global inclusion). The skill can install a cron job and create a ~/bin symlink (both are user-level persistent changes) and can perform repeated autonomous updates when scheduled. Installing cron jobs and symlinks is consistent with an updater tool, but these are persistent actions the user must approve.
Guidance
This package appears to do what it says, but it will read and archive user config and workspace files and can upload backups to configured cloud remotes and install a cron job. Before installing or running:
1) Inspect and edit ~/.openclaw/update-plus.json to restrict backup_paths to only the directories you want backed up.
2) Keep remote storage disabled until you have configured and verified your rclone remote and understand where backups will be sent.
3) Enable GPG encryption if backups include sensitive files and configure GPG_RECIPIENT.
4) Run update-plus with --dry-run first to preview actions.
5) Be aware it performs git pull on your skills directories (so remote repo changes can be applied automatically) and can create a cron entry; only enable automated updates if you trust your skills' remote origins.
If you need higher assurance, review the GitHub repo history/owner (hopyky) before cloning and consider running the scripts in a controlled environment first.
Latest Release
v4.0.3
v4.0.3: Check updates before backup, use curl for connection check
Published by @hopyky on ClawHub