Encrypted GitHub backup and restore for any OpenClaw agent system. Creates branch-per-night backups with smart retention (7 daily, 8 weekly, 12 monthly branches). Backs up openclaw.json (AES-256 encrypted), agent memories, SOUL/IDENTITY files, cron jobs, and custom skills to a private GitHub vault. Triggers on phrases like "avenger backup", "backup system", "push to vault", "sync vault", "avenger restore", "restore from vault", "setup avenger", "avenger status", "avenger init", "configure backup", "set up backup". Also auto-runs after any critical config change.
Encrypted, branch-based GitHub backup and restore for any OpenClaw system.
When setup is triggered, walk the user through it conversationally. Ask one question at a time.
"To set up Avenger Initiative, I need a private GitHub repo to use as your vault. Have you created one already? If so, share the URL (e.g. ). If not, I can help you create one."
https://github.com/yourname/my-vault"Your
openclaw.json(which contains all API keys and bot tokens) will be encrypted with AES-256 before being pushed. Do you have an existing encryption key from a previous Avenger setup, or should I generate a new one?"
bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/setup.sh \
--repo <vault-url>
"â ď¸ Your encryption key is below â save it NOW in 1Password, Bitwarden, or a secure note. Without this key, your backup cannot be decrypted."
Wait for user to confirm "saved" before proceeding.
openclaw.json â encrypted (all API keys, bot tokens, agent configs)Retention policy:
bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/backup.sh
bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/backup.sh
Creates backup/daily/YYYY-MM-DD branch â merges to main â prunes per retention policy.
On Sundays: also creates backup/weekly/YYYY-WNN.
On 1st of month: also creates backup/monthly/YYYY-MM.
bash ~/.openclaw/workspace/skills/avenger-initiative/scripts/restore.sh
Supports --branch backup/daily/YYYY-MM-DD to restore from a specific snapshot.
Shows vault manifest, asks for confirmation, decrypts and restores all files.
After restore: openclaw gateway restart
Check ~/.openclaw/workspace/memory/avenger-backup.log for last backup. Show timestamp, branch, and vault URL.
~/.openclaw/
âââ credentials/
â âââ avenger.key â Encryption key (NEVER commit)
â âââ avenger-config.json â Vault repo URL
âââ workspace/skills/avenger-initiative/
âââ SKILL.md
âââ scripts/
â âââ backup.sh
â âââ restore.sh
â âââ setup.sh
âââ references/
âââ security.md
openclaw.json â AES-256-CBC encrypted (PBKDF2, 100k iterations)See references/security.md for threat model and key rotation.
More verified OpenClaw skills available at proskills.md