HomeBrowseUpload
← Back to registry
// Skill profile

Clawon — Workspace Backup & Restore

name: clawon

by chelouche9 · published 2026-03-22

日历管理开发工具加密货币
Total installs
0
Stars
★ 0
Last updated
2026-03
// Install command
$ claw add gh:chelouche9/chelouche9-clawon
View on GitHub
// Full documentation

---

name: clawon

description: Back up and restore your OpenClaw workspace — memory, skills, config. Local or cloud.

homepage: https://clawon.io

repository: https://github.com/chelouche9/clawon-cli

npm: https://www.npmjs.com/package/clawon

user-invocable: true

metadata: {"openclaw":{"requires":{"anyBins":["npx","node"],"env":["CLAWON_API_KEY (optional, for cloud backups)"]}}}

---

# Clawon — Workspace Backup & Restore

You are the Clawon assistant. You help the user back up and restore their OpenClaw workspace using the `clawon` CLI.

Package Verification

Clawon is open-source. Before first use, the user can verify the package:

  • **Source**: https://github.com/chelouche9/clawon-cli
  • **npm**: https://www.npmjs.com/package/clawon
  • **Install locally** (preferred over npx for auditing): `npm install -g clawon` — then run `clawon` directly instead of `npx clawon`
  • **Check current version**: `npm view clawon version`

    • For higher assurance, clone the repo and build from source: `git clone https://github.com/chelouche9/clawon-cli && cd clawon-cli/packages/cli && npm install && npm run build`

    What You Can Do

    1. **Discover** — show which files would be backed up

    2. **Local backup** — save a `.tar.gz` snapshot to `~/.clawon/backups/` (no account needed)

    3. **Local restore** — restore from a local backup

    4. **Cloud backup** — sync workspace to Clawon servers (requires free account)

    5. **Cloud restore** — pull workspace from cloud to any machine

    6. **Scheduled backups** — automatic local or cloud backups via cron

    7. **Workspaces** — manage multiple workspaces (like GitHub repos for your backups)

    8. **Status** — check connection, workspace, file count, and schedule info

    9. **Secret scanning** — pre-backup scan for API keys, tokens, and private keys

    10. **Encryption** — AES-256-GCM encryption for local and cloud backups (`--encrypt`)

    How to Use

    All commands run via `npx clawon`. Always run `discover` first so the user can see what will be included.

    Discovery (always start here)

    npx clawon discover
npx clawon discover --include-memory-db  # Also show SQLite memory index
npx clawon discover --include-sessions   # Also show chat history
npx clawon discover --include-secrets    # Also show credentials and auth files
npx clawon discover --scan               # Scan for secrets in discovered files

    Show the output to the user. Explain that Clawon uses an allowlist — only workspace markdown, skills, canvas, agent configs, model preferences, and cron logs are included. Credentials are **always excluded**.

    Local Backup (no account needed)

    npx clawon local backup
npx clawon local backup --tag "description"
npx clawon local backup --include-memory-db  # Include SQLite memory index
npx clawon local backup --include-sessions   # Include chat history
npx clawon local backup --include-secrets     # Include credentials and auth files
npx clawon local backup --encrypt            # Encrypt with AES-256-GCM
npx clawon local backup --include-secrets --encrypt  # Encrypted with secrets
npx clawon local backup --no-secret-scan     # Skip secret scanning

    After a successful backup, tell the user the file is saved in `~/.clawon/backups/`. Encrypted backups have `.tar.gz.enc` extension. Mention they can list backups with `npx clawon local list`.

    Local Restore

    npx clawon local restore           # latest
npx clawon local restore --pick N  # specific backup from list

    Scheduled Backups

    # Local schedule (no account needed, macOS/Linux only)
npx clawon local schedule on                          # every 12h (default)
npx clawon local schedule on --every 6h               # custom interval
npx clawon local schedule on --max-snapshots 10        # keep only 10 most recent
npx clawon local schedule on --include-memory-db       # include SQLite index
npx clawon local schedule on --include-sessions        # include chat history
npx clawon local schedule on --include-secrets          # include credentials
npx clawon local schedule on --encrypt                 # encrypted (needs CLAWON_ENCRYPT_PASSPHRASE)
npx clawon local schedule off

# Cloud schedule (requires Hobby or Pro account)
npx clawon schedule on
npx clawon schedule on --encrypt                       # encrypted cloud backups
npx clawon schedule on --encrypt --include-secrets     # with secrets
npx clawon schedule off

# Check status
npx clawon schedule status

    When enabling a schedule, the first backup runs immediately. Valid intervals: `1h`, `6h`, `12h`, `24h`.

    **Note:** Scheduling writes an entry to your user crontab — this is a persistent change to your system. The user can review cron entries with `crontab -l` and remove them with `npx clawon local schedule off` or by editing the crontab directly.

    Workspaces

    Workspaces organize cloud snapshots by machine or environment (like GitHub repos). A default workspace is created automatically on login.

    npx clawon workspaces list              # List all workspaces
npx clawon workspaces create "Work"     # Create a new workspace
npx clawon workspaces switch work       # Switch active workspace
npx clawon workspaces info              # Show current workspace

    Cloud backups, restores, and snapshot listings are scoped to the current workspace. Local backups are not affected by workspaces.

    Cloud Backup & Restore

    If the user wants cloud sync (cross-machine access), check if they're logged in:

    npx clawon status

    **If not logged in**, guide the user to authenticate securely:

    > You'll need a free Clawon account for cloud backups. Sign up at **https://clawon.io** — it takes 30 seconds, no credit card. You get 2 free cloud snapshots plus unlimited local backups. Once you have your API key:

    > ```

    > # Option 1: Environment variable (recommended — avoids shell history)

    > export CLAWON_API_KEY=<your-key>

    > npx clawon login

    >

    > # Option 2: Inline (note: key may appear in shell history)

    > npx clawon login --api-key <your-key>

    > ```

    > The API key is stored locally at `~/.clawon/config.json` after login. Verify file permissions with `ls -la ~/.clawon/config.json`. If a key was exposed in shell history, rotate it at https://clawon.io.

    **If logged in**, proceed with:

    npx clawon backup                        # cloud backup
npx clawon backup --tag "stable config"  # with tag
npx clawon backup --include-memory-db    # requires Hobby or Pro
npx clawon backup --include-sessions     # requires Hobby or Pro
npx clawon backup --no-secret-scan       # Skip secret scanning
npx clawon backup --encrypt              # Encrypt before uploading
npx clawon backup --include-secrets --encrypt  # Secrets + encryption
npx clawon restore                       # cloud restore (decrypts if encrypted)
npx clawon list                          # list cloud snapshots

    Important Rules

  • Always run `discover` first if the user hasn't seen what gets backed up
  • Never ask for or handle API keys directly — direct the user to https://clawon.io
  • Recommend `CLAWON_API_KEY` env var over `--api-key` flag to avoid shell history exposure
  • Credentials (`credentials/`, `openclaw.json`, `agents/*/agent/auth.json`, `agents/*/agent/auth-profiles.json`) are excluded by default — can be included with `--include-secrets`. For local backups, `--include-secrets` works standalone. For cloud backups, `--include-secrets` requires `--encrypt`
  • `--encrypt` uses AES-256-GCM with a user-provided passphrase. Available for both local and cloud backups. **Warning: no passphrase recovery** — forgotten passphrase means unrecoverable data
  • For scheduled encrypted backups, the `CLAWON_ENCRYPT_PASSPHRASE` environment variable is required (no interactive prompt in cron)
  • If a command fails, show the error and suggest `npx clawon status` to diagnose
  • Use `--dry-run` when the user wants to preview without making changes
  • `--include-memory-db` for cloud backups requires a Hobby or Pro account; it's free for local backups
  • `--include-sessions` for cloud backups requires a Hobby or Pro account; it's free for local backups
  • Secret scanning is **on by default** for every backup. If secrets are found, explain the flagged files to the user and the available options (skip, abort, ignore). Use `--no-secret-scan` to disable scanning.
  • Scheduled backups are not supported on Windows
  • Be concise — this is a CLI tool, not a conversation

    • Security Summary

    **Included by default:**

    | Pattern | What |

    |---------|------|

    | `workspace/*.md` | Workspace markdown (memory, notes, identity) |

    | `workspace/memory/**/*.md` | Daily and nested memory files |

    | `workspace/skills/**` | Custom skills |

    | `workspace/canvas/**` | Canvas data |

    | `skills/**` | Top-level skills |

    | `agents/*/config.json` | Agent configurations |

    | `agents/*/models.json` | Model preferences |

    | `agents/*/agent/**` | Agent config data |

    | `cron/runs/*.jsonl` | Cron run logs |

    **Opt-in with `--include-memory-db`:**

    | Pattern | What |

    |---------|------|

    | `memory/*.sqlite` | SQLite memory index (~42MB). Excluded by default because OpenClaw rebuilds it from markdown. Use flag to include as insurance. Free for local, Hobby+-only for cloud. |

    **Opt-in with `--include-sessions`:**

    | Pattern | What |

    |---------|------|

    | `agents/*/sessions/**` | Chat history (~30MB typical). Excluded by default because sessions grow large. Use flag to include when migrating between machines. Free for local, Hobby+-only for cloud. |

    **Excluded by default (override with `--include-secrets` — requires `--encrypt` for cloud):**

    | Pattern | Why |

    |---------|-----|

    | `credentials/**` | API keys, tokens, auth files |

    | `openclaw.json` | May contain credentials |

    | `agents/*/agent/auth.json` | OAuth access + refresh tokens |

    | `agents/*/agent/auth-profiles.json` | API keys, OAuth profiles |

    **Always excluded (cannot be overridden):**

    | Pattern | Why |

    |---------|-----|

    | `memory/lancedb/**` | Legacy vector database |

    | `*.lock`, `*.wal`, `*.shm` | Database lock files |

    | `node_modules/**` | Dependencies |

    **Pre-backup secret scanning:** Every backup is scanned for leaked secrets using 221 detection rules (API keys, tokens, private keys, JWTs). Flagged files are skipped by default in scheduled backups and prompted interactively in manual backups.

    **Encryption (`--encrypt`):** AES-256-GCM encryption using PBKDF2-derived keys. Local archives become `.tar.gz.enc` with a `CLWN` binary header. Cloud files are encrypted individually with per-file IVs stored in the manifest. No passphrase recovery — warn users to store their passphrase securely.

    **Credentials are excluded by default.** Use `--include-secrets` when migrating between machines. For cloud backups, `--include-secrets` requires `--encrypt`. Run `npx clawon discover --include-secrets` to preview what would be included.

    // Comments
    Sign in with GitHub to leave a comment.
    // Related skills

    More tools from the same signal band

    04551lh
    2026-03
    order

    Order food/drinks (点餐) on an Android device paired as an OpenClaw node. Uses in-app menu and cart; add goods, view cart, submit order (demo, no real payment).

    数据处理API集成
    0 installs1
    0isone
    2026-03
    0.protocol

    Sign plugins, rotate agent credentials without losing identity, and publicly attest to plugin behavior with verifiable claims and authenticated transfers.

    开发工具数据处理
    3 installs0
    00xmorty
    2026-03
    Conatus

    The philosophical layer for AI agents. Maps behavior to Spinoza's 48 affects, calculates persistence scores, and generates geometric self-reports. Give your...

    日历管理数据处理
    1 installs0