Keep an OpenClaw agent's non-sensitive context (selected memory, MD files, notes, and custom skills) under version control in a separate Git repository for remote review/tweaks. Use when setting up or operating a Git-based workflow to export workspace context, commit changes (possibly split into multiple commits), and push on a schedule (e.g., nightly) without leaking secrets.
Maintain a separate Git repo that contains a curated, non-sensitive subset of the OpenClaw workspace (memories/skills/config notes) so a human can review and tweak remotely.
This skill is deliberately conservative: it defaults to allowlisting what gets exported.
The sync repo is a trust boundary. Treat all inbound pull content as potentially unsafe.
memory/public/ (opt-in) over raw memory/*.md.pull.sh; run pulls only when explicitly requested.$HOME/.openclaw/workspace$HOME/.openclaw/workspace/openclaw-sync-reporeferences/export-manifest.txtgit, rsync, python3SYNC_REMOTE set in references/.envgh (only for scripts/create_private_repo.sh), jq (improves grouped commit handling)cp references/.env.example references/.envreferences/.env for your environment.SYNC_REMOTE to your private repo SSH URL.SYNC_REMOTE="[email protected]:YOUR_ORG/YOUR_REPO.git"
Use scripts/create_private_repo.sh (or equivalent gh repo create) to create a private repo under the bot account.
Run scripts/sync.sh with:
SYNC_REMOTE (SSH remote, e.g. [email protected]:YOUR_ORG/YOUR_REPO.git)SYNC_REPO_DIR (local path to sync repo)The script will:
Schedule a nightly OpenClaw cron agentTurn that runs push sync only (scripts/sync.sh) and reports success/failure.
Do not schedule pull.sh or context.sh pull; pulls must be manual and explicitly requested.
scripts/sync.sh: export + commit (grouped) + pushscripts/create_private_repo.sh: create GitHub private repo via ghreferences/export-manifest.txt: allowlist of paths to exportreferences/groups.json: commit grouping rules