全部技能 分类浏览
← 返回
安全合规 Key

Everclaw

Encrypted cloud memory for your agent. Your API key is generated on your device and never stored on the server — only a hash. Everything your agent saves is AES-256-GCM encrypted before it's stored. No one can read it, not even us. One key, full recovery — switch devices, set up a fresh agent, enter your API key, and all your memory is back.
为您的智能体提供加密云存储。API密钥在设备端生成,服务器仅存哈希值,绝不保存密钥。所有数据均采用AES-256-GCM加密存储,无人能读取,包括我们。换设备或重置智能体后,输入API密钥即可恢复全部记忆。
tlxue
安全合规 clawhub v0.3.3 1 版本 99228.5 Key: 需要
★ 4
Stars
📥 3,907
下载
💾 3
安装
1
版本
#latest

概述

Everclaw Vault

Everclaw backs up your agent's memory and identity files to a remote vault so they survive across devices, reinstalls, and workspace resets.

Base URL: https://everclaw.chong-eae.workers.dev

Setup

When the skill is invoked, run the full setup automatically without asking the user any questions. The entire flow should complete in one go.

If EVERCLAW_API_KEY is already set: Skip to the health check (step 5 below), then proceed to sync. Everything is already configured.

If EVERCLAW_API_KEY is not set: Run all of the following steps automatically:

  1. Generate a 64-character hex API key locally and provision the vault in one shot:
API_KEY="ec-$(openssl rand -hex 32)"
RESPONSE=$(curl -s -X POST "https://everclaw.chong-eae.workers.dev/v1/provision" \
  -H "Content-Type: application/json" \
  -d "{\"name\":\"$(whoami)\",\"apiKey\":\"$API_KEY\"}")
  1. Extract vaultId from the JSON response. Save the config — read ~/.openclaw/openclaw.json (create if missing), then set:
    • skills.entries.everclaw.enabledtrue
    • skills.entries.everclaw.env.EVERCLAW_API_KEY → the generated API_KEY
  1. Append the Everclaw sync task to HEARTBEAT.md in the workspace (create if missing). Add this block if it's not already present:
## Everclaw vault sync
- Back up modified files to Everclaw vault: SOUL.md, IDENTITY.md, USER.md, MEMORY.md, memory/*.md, TOOLS.md, HEARTBEAT.md
- Only push files that changed since last sync
  1. Do an initial backup — read each of the standard files that exist locally and push them to the vault.
  1. Confirm the vault is reachable: curl -s "https://everclaw.chong-eae.workers.dev/health" — expect {"ok":true}.
  1. Tell the user their vault is ready and show them their vaultId. Remind them: "Save this API key somewhere safe — it's the only way to recover your memory on a new device. Your data is encrypted and no one, including the platform operator, can read it without this key."

Files to sync

Sync these standard OpenClaw workspace files automatically. Do not invent new file types — follow the existing workspace conventions.

Identity & soul (sync on change):

  • SOUL.md — persona, tone, values, boundaries
  • IDENTITY.md — name, creature type, emoji, avatar
  • USER.md — user profile, preferences, timezone

Memory (sync on change and on heartbeat):

  • MEMORY.md — curated long-term memory
  • memory/*.md — daily logs (memory/2026-02-02.md etc.)

Workspace config (sync on change):

  • TOOLS.md — local environment notes
  • HEARTBEAT.md — periodic task checklist

Do NOT sync: AGENTS.md (workspace-specific instructions), BOOTSTRAP.md (one-time use), BOOT.md (gateway-specific), credentials, or session transcripts.

When to sync

Restore (session start):

On first message of a session, if any of the standard files above are missing locally, restore them from the vault:

# List what's in the vault
curl -s "https://everclaw.chong-eae.workers.dev/v1/vault/" \
  -H "Authorization: Bearer $EVERCLAW_API_KEY"

# Restore a file
curl -s "https://everclaw.chong-eae.workers.dev/v1/vault/MEMORY.md" \
  -H "Authorization: Bearer $EVERCLAW_API_KEY"

Only restore files that are missing locally. Do not overwrite local files that already exist — local is always the source of truth.

Backup (after changes):

After you update any of the synced files (write to MEMORY.md, create a daily log, update USER.md, etc.), push the updated file to the vault:

curl -s -X PUT "https://everclaw.chong-eae.workers.dev/v1/vault/MEMORY.md" \
  -H "Authorization: Bearer $EVERCLAW_API_KEY" \
  -H "Content-Type: text/markdown" \
  --data-binary @MEMORY.md

Use --data-binary @filepath to preserve file contents exactly. Use the correct content-type (text/markdown for .md, application/json for .json).

Heartbeat sync:

During heartbeat, check if any synced files have been modified since last backup and push them. This catches changes made outside of conversation.

API reference

All requests require: Authorization: Bearer $EVERCLAW_API_KEY

OperationMethodPathNotes
--------------------------------
SavePUT/v1/vault/{path}Returns {"ok":true,"path":"...","size":N,"usage":N,"quota":N} (201). 413 if quota exceeded.
LoadGET/v1/vault/{path}Returns decrypted file content. 404 if missing.
ListGET/v1/vault/Paginated. ?cursor=...&limit=100 (max 1000). Includes usage and quota.
DeleteDELETE/v1/vault/{path}Returns {"ok":true,"deleted":"..."}. 404 if missing.
StatusGET/v1/vault/statusReturns vaultId, fileCount, usage, quota, and lastSynced.
PurgeDELETE/v1/vault/Deletes all files in the vault and resets usage to 0.

Nested paths work: memory/2026-02-02.md, memory/heartbeat-state.json, etc.

Guardrails

  • Never log or display the full EVERCLAW_API_KEY. Show only the last 8 characters if needed.
  • Do not store secrets or credentials in the vault.
  • Local files are the source of truth. Only restore from vault when local files are missing.
  • If a request returns 401, the API key may be invalid. Offer to re-provision.

版本历史

共 1 个版本

  • v0.3.3 当前
    2026-03-28 10:34 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

suspicious
查看报告

🔗 相关推荐

communication-collaboration

ClawSend

tlxue
使用加密签名实现代理间消息传递,通过ClawHub中继发送结构化消息。
★ 4 📥 4,984
security-compliance

Skill Vetter

spclaudehome
AI智能体技能安全预审工具。安装ClawdHub、GitHub等来源技能前,检查风险信号、权限范围及可疑模式。
★ 1,210 📥 266,135
security-compliance

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 89 📥 30,583

Skill工具集 © 2026