Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Security & Compliance
System Integrity And Backup
Encrypted backups, integrity verification, and data retention enforcement for Greek legal requirements (5-20 year retention). AES-256.
skill openclawclawhub Free
Encrypted backups, integrity verification, and data retention enforcement for Greek legal requirements (5-20 year retention). AES-256.
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- EVALS.json, SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 0.1.0
Provenance
- Publisher
- satoshistackalotto
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
System Integrity and Backup
This skill protects everything the OpenClaw Greek Accounting system holds. It runs silently in the background โ verifying that data has not been corrupted or unexpectedly deleted, managing encrypted backups to local storage, enforcing the retention obligations that Greek law places on accounting firms, and handling the schema migrations that keep the system consistent as skills evolve. No accounting firm could professionally deploy a system handling client financial records without this layer. Greek accounting firms are legally obligated to retain certain records for up to 20 years. A backup that has never been tested is not a backup. An integrity system that only runs when something breaks is too late.
Setup
export OPENCLAW_DATA_DIR="/data" export OPENCLAW_ENCRYPTION_KEY="your-256-bit-key" # Never store on disk which jq openssl tar || sudo apt install jq openssl tar mkdir -p $OPENCLAW_DATA_DIR/backups Uses openssl for AES-256 backup encryption and SHA-256 integrity verification. The encryption key must be provided via environment variable โ it is never written to disk.
Core Philosophy
Silent Until Needed, Auditable Always: Integrity checks run on schedule without interrupting accounting operations. Every result โ pass or fail โ is permanently logged so the firm can demonstrate to a regulator or auditor that the system has been actively monitored Verified Backups, Not Just Created Ones: A backup is only as good as its last successful restore test. This skill tests backup archives on a regular schedule and flags any that cannot be verified Greek Legal Retention by Default: The retention schedule is pre-configured for Greek accounting law. Records are not deleted at retention expiry โ they are flagged for human review and then archived or deleted only with explicit approval Migrations Are Versioned and Reversible: When a skill update changes a data structure, the migration is applied as a numbered, logged operation. Every migration can be inspected; failed migrations are rolled back automatically No Silent Failures: If a backup fails, if an integrity check finds corruption, if a retention flag is triggered โ the firm is notified through the dashboard. Nothing fails quietly
Integrity Checks
# Full system integrity check openclaw integrity check --all openclaw integrity check --all --verbose # Check specific data trees openclaw integrity check --dir /data/clients/ openclaw integrity check --dir /data/compliance/ openclaw integrity check --afm EL123456789 # Single client full check # Hash registry operations openclaw integrity hash-update --dir /data/clients/ # Rebuild hash registry after known change openclaw integrity hash-verify --dir /data/clients/ # Verify current files against registry openclaw integrity hash-diff --since yesterday # Show files changed since timestamp # Audit log openclaw integrity audit-log --last 30-days openclaw integrity audit-log --failures-only openclaw integrity audit-log --afm EL123456789 --last 90-days # Generate integrity report (suitable for audit/regulatory inspection) openclaw integrity report --period 2026-01 --format pdf openclaw integrity report --year 2025 --full --format pdf openclaw integrity report --format json --output /data/reports/system/
Backup Management
# Manual backup triggers openclaw backup run --type full openclaw backup run --type incremental openclaw backup run --type clients --afm EL123456789 # Single client snapshot openclaw backup run --type compliance --period 2026-01 # Post-filing snapshot # Backup schedule configuration openclaw backup schedule --full weekly --day sunday --time 02:00 openclaw backup schedule --incremental daily --time 03:00 openclaw backup schedule --event-driven --on submission-complete openclaw backup schedule --show # Backup verification (restore test without overwriting live data) openclaw backup verify --latest openclaw backup verify --backup-id BACKUP-20260218-001 openclaw backup verify --all --last 30-days openclaw backup verify --restore-test --target /tmp/verify-restore/ # Full restore to temp # Backup listing and status openclaw backup list --all openclaw backup list --type full --last 10 openclaw backup status --show-verified --show-unverified --show-failed openclaw backup manifest --update # Rebuild manifest from actual backup files # Off-site export (manual โ operator copies encrypted files to external media) openclaw backup export --backup-id BACKUP-20260218-001 --output /mnt/external/ openclaw backup export --latest-full --output /mnt/external/
Retention Management
# Check retention status openclaw retention check --all-clients openclaw retention check --afm EL123456789 --verbose openclaw retention flagged --show-all # Records past retention date awaiting action # Retention schedule management openclaw retention schedule-view # Show current retention rules openclaw retention schedule-update --record-type financial-statements --years 10 # Archiving and deletion (always requires explicit approval) openclaw retention archive --afm EL123456789 --record-type invoices --older-than 7-years --approved-by "yannis.k" openclaw retention delete --afm EL123456789 --record-type payroll-detail --older-than 5-years --approved-by "yannis.k" --confirm openclaw retention report --period 2026-01 --records-archived --records-deleted
Schema Migration
# Migration status openclaw migrate status # Current schema version and pending migrations openclaw migrate list --pending # Migrations not yet applied openclaw migrate list --applied # Applied migrations with dates # Apply migrations openclaw migrate run --next # Apply next pending migration openclaw migrate run --all # Apply all pending migrations openclaw migrate run --id v2.1_20260301_add-financial-statements-index # Rollback openclaw migrate rollback --last # Rollback the most recent migration openclaw migrate rollback --to v2.0 # Migration inspection openclaw migrate diff --migration v2.1_20260301_add-financial-statements-index openclaw migrate dry-run --next # Show what would change without applying
Health Dashboard Feed
# Status outputs consumed by the dashboard openclaw integrity health-status # Single-call summary: backup age, last check, any failures openclaw backup age # Time since last successful full backup openclaw retention due # Records due for retention action this month
What Is Checked
Integrity_Check_Scope: file_existence: description: "Every file referenced in index files and registries actually exists on disk" checks: - "/data/clients/_index.json entries โ /data/clients/{AFM}/ directories exist" - "/data/clients/{AFM}/documents/registry.json entries โ files exist" - "/data/compliance/submissions/ receipts โ referenced filing XML files exist" - "/data/clients/{AFM}/financial-statements/index.json โ statement files exist" hash_verification: description: "SHA256 hash of every canonical data file matches the registered hash" hash_registry: "/data/system/integrity/hash-registry.json" when_hash_registered: "On every write to a canonical file (all skills call openclaw integrity hash-update on write)" on_mismatch: "Flag as CORRUPTION. Alert immediately. Do not proceed with accounting operations on affected client until resolved." on_new_file_not_in_registry: "Flag as UNREGISTERED_WRITE. Log for investigation." structural_validation: description: "Key JSON files conform to expected schema" files_validated: - "/data/clients/{AFM}/profile.json" - "/data/clients/{AFM}/compliance/filings.json" - "/data/clients/_index.json" - "/data/system/skill-versions.json" on_schema_mismatch: "Flag as SCHEMA_DRIFT. Usually indicates a migration is pending." referential_integrity: description: "Cross-references between files are consistent" checks: - "Every AFM in _index.json has a corresponding directory" - "Every filing in filings.json has a corresponding submission receipt" - "Every financial statement in the index actually exists as a file" - "No orphaned files in /data/compliance/ without a corresponding client" storage_health: description: "Disk usage and growth rate" checks: - "Total /data/ usage against configured storage limit" - "Growth rate per directory โ flag if growing faster than baseline" - "Memory directory size against configured maximum"
Check Scheduling
Integrity_Schedule: full_check: frequency: "Weekly โ Sunday 04:00 Athens time (after backup)" scope: "All directories, all files, all cross-references" duration_estimate: "5-15 minutes depending on data volume" quick_check: frequency: "Daily โ 05:00 Athens time" scope: "Hash verification of client and compliance directories only" duration_estimate: "1-3 minutes" event_driven: triggers: - "After any government submission (verify submission receipt written correctly)" - "After any schema migration (verify migration applied cleanly)" - "After any backup restore test (verify restored data matches original)" scope: "Targeted โ only the affected files and directories" never_during: - "Business hours (08:00-18:00 Athens time) โ scheduled checks only" - "Active monthly processing run โ wait for pipeline completion"
Backup Types and Schedule
Backup_Types: full_backup: frequency: "Weekly โ Sunday 02:00 Athens time" scope: "Complete /data/ tree excluding /data/processing/ (ephemeral)" encryption: "AES-256 with key stored in /data/auth/backup-key.enc" filename: "full_{YYYYMMDD}_{HHMMSS}.tar.enc" retention: "Keep last 8 full backups (8 weeks rolling)" verify_schedule: "Tested within 24 hours of creation" incremental_backup: frequency: "Daily โ Monday through Saturday, 03:00 Athens time" scope: "Files modified since last backup (using hash registry delta)" filename: "incremental_{YYYYMMDD}_{HHMMSS}.tar.enc" retention: "Keep last 30 incremental backups" verify_schedule: "Spot-tested weekly (every 7th incremental)" event_driven_snapshot: triggers: - "After any government submission (VAT, EFKA, E1, corporate tax)" - "After any client onboarding (new client record created)" - "After any schema migration" scope: "Specific affected directories only" filename: "snapshot_{event-type}_{AFM}_{YYYYMMDD}_{HHMMSS}.tar.enc" retention: "Keep indefinitely โ these are milestone records" verify_schedule: "Verified immediately after creation"
Backup Verification
Backup_Verification: method: "Restore to isolated temporary directory, run integrity check against restored data" what_is_verified: - "Archive can be decrypted with current key" - "Archive is not corrupted (tar integrity check)" - "File count matches manifest" - "Sample file hashes match registered hashes" - "No files present in manifest that are missing from archive" result_states: VERIFIED: "Archive passed all checks โ recorded in manifest" PARTIAL: "Archive intact but some files could not be verified against hash registry" FAILED: "Archive corrupted, undecryptable, or missing files โ immediate alert" on_failed_backup: action_1: "Alert dashboard immediately" action_2: "Trigger new backup attempt within 1 hour" action_3: "If second attempt also fails: alert senior accountant via dashboard critical alert" action_4: "Log failure to /data/system/integrity/audit-log.json" never: "Never silently mark a failed backup as OK"
Backup File Structure
Backup_Manifest_Entry_Fields: - backup_id # BACKUP-{YYYYMMDD}-{3digits} - type # full / incremental / snapshot - created_at_utc # ISO timestamp - filename # Exact filename in /data/backups/ - size_bytes - file_count - scope # What directories were included - trigger # scheduled / event:submission / event:onboarding / manual - verified # true / false / pending - verified_at_utc # ISO timestamp of last verification - verify_result # VERIFIED / PARTIAL / FAILED / pending - event_reference # If event-driven: filing ID, AFM, etc.
Retention Schedule
Greek accounting law sets minimum retention periods. This skill enforces them with a conservative approach โ when in doubt, retain longer and require human approval before deletion. Retention_Schedule: financial_records: types: - "VAT returns and supporting documents" - "Financial statements (P&L, Balance Sheet)" - "Invoice records (sales and purchases)" - "Bank reconciliation reports" minimum_retention_years: 5 recommended_retention_years: 7 legal_basis: "Greek VAT Code Article 36, Law 4308/2014" payroll_records: types: - "Employee payroll records" - "EFKA contribution calculations" - "Employment contracts" - "Payslips" minimum_retention_years: 5 note: "EFKA may audit up to 5 years back" government_submission_receipts: types: - "AADE submission references" - "myDATA transmission records" - "EFKA declaration receipts" system_default: "Retain indefinitely unless explicitly deleted" note: "Storage cost is negligible; risk of needing them is real" client_contracts_and_identity: types: - "Client engagement letters" - "AFM verification records" - "GDPR consent records" minimum_retention_years: 5 post_relationship_retention: 5 note: "5 years after end of client relationship, not from document creation" correspondence: types: - "Outgoing letters (Skill 16 sent records)" - "Inbound email classifications" minimum_retention_years: 5 audit_and_integrity_logs: types: - "/data/system/integrity/audit-log.json" - "/data/auth/logs/" retention: "Permanent โ never deleted" reason: "Regulatory and professional liability" processing_and_temp_files: types: - "/data/processing/ (all subdirectories)" - "/data/memory/episodes/ and /data/memory/failures/" retention_days: 90 action: "Auto-purge after 90 days โ these are operational, not legal records" exception: "Memory patterns/ and corrections/ โ retained indefinitely as system learning assets"
Retention Action Workflow
Retention_Action: step_1: "Flag records past retention date in /data/system/integrity/retention-schedule.json" step_2: "Alert dashboard โ show which records are due for action" step_3: "Human reviews: openclaw retention flagged --show-all" step_4: "Human chooses: archive (cold storage) or delete" step_5: "Archive: openclaw retention archive --approved-by {username}" "Delete: openclaw retention delete --approved-by {username} --confirm" step_6: "Action logged permanently in integrity audit-log" never: "Auto-delete any client financial record without explicit human approval"
Schema Migration
Migration_System: version_format: "v{MAJOR}.{MINOR}_{YYYYMMDD}_{description}" examples: - "v1.0_20260101_initial-schema" - "v2.0_20260218_add-financial-statements" - "v2.1_20260301_add-correspondence-tree" migration_file_contents: - description: "Plain English description of what changes" - affects: "List of directories and file patterns affected" - forward_steps: "Ordered list of operations to apply the migration" - rollback_steps: "Ordered list of operations to reverse the migration" - validation: "Checks to run after applying โ confirms migration succeeded" - estimated_duration: "Expected time to apply" safety_rules: - "Never modify production data without taking a snapshot backup first" - "Run dry-run before applying any migration to production" - "Apply one migration at a time โ never batch-apply untested migrations" - "All migrations tested in an isolated restore before production application" - "Failed migration triggers automatic rollback โ never leaves data in partial state" current_schema_version: location: "/data/system/skill-versions.json" field: "schema_version"
File System
Skill_17_File_Paths: owns: - "/data/backups/" - "/data/system/integrity/" - "/data/system/backups/backup-manifest.json" - "/data/reports/system/" writes_on_event: - "/data/system/integrity/audit-log.json" - "/data/system/integrity/hash-registry.json" - "/data/system/integrity/last-check-results.json" - "/data/system/integrity/retention-schedule.json" reports: location: "/data/reports/system/" files: - "{YYYY-MM}_integrity_report.pdf" - "{YYYY-MM}_backup_status_report.pdf" - "{YYYY-MM}_retention_action_report.pdf"
Dashboard Integration
Dashboard_Feeds: health_status_card: data_source: "/data/system/integrity/last-check-results.json" fields_shown: - "Last full check: [date] โ [PASS / ISSUES FOUND]" - "Last backup: [date] โ [VERIFIED / UNVERIFIED / FAILED]" - "Storage used: X GB of Y GB" - "Retention flags: N records awaiting action" alerts: integrity_failure: "CRITICAL โ Data integrity issue detected in {directory}. Accounting operations suspended for affected clients." backup_failed: "CRITICAL โ Backup failed. Last verified backup: {N} days ago." backup_unverified: "WARNING โ Latest backup not yet verified." retention_due: "INFO โ {N} records are past retention date and require action." storage_at_80_percent: "WARNING โ Storage at {X}% capacity. Review and archive."
Memory Integration (Phase 4 โ Skill 19 hooks)
Memory_Integration: log_episodes: true episode_types: - backup_completed_and_verified - integrity_check_passed - migration_applied_successfully - retention_action_completed log_failures: true failure_types: - backup_failed - backup_verification_failed - integrity_check_found_corruption - migration_rollback_triggered - hash_mismatch_detected rate_limit_group: "system_operations" note: "System integrity failures must always be logged regardless of rate limits โ no token budget applies here"
Error Handling
Severity_Levels: CRITICAL: conditions: - Hash mismatch on any file in /data/clients/ or /data/compliance/ - Backup archive corrupted or undecryptable - Schema migration failed and rollback also failed response: - Suspend accounting operations on affected data - Alert dashboard immediately with red banner - Log to audit-log with CRITICAL marker HIGH: conditions: - Backup verification failed (archive intact but hash mismatch on restore) - Retention-past-date records found - Storage above 90% capacity response: - Dashboard yellow alert - Log to audit-log - Retry backup verification once before escalating to CRITICAL INFO: conditions: - Unregistered write detected (file not in hash registry) - Schema drift detected (file does not match expected structure) - Storage above 80% capacity response: - Dashboard notification - Log to audit-log - Flag for human review at next session
Success Metrics
A successful deployment of this skill should achieve: โ Every backup verified within 24 hours of creation โ zero unverified backups older than 48 hours โ Full integrity check passes weekly with zero unexplained hash mismatches โ Every schema migration applied cleanly with no data loss and full rollback capability โ Retention schedule enforced โ no record deleted without explicit human approval โ Integrity audit log is continuous and permanent โ no gaps โ Dashboard always shows current backup age and last check result โ never stale โ The firm can produce an integrity report for a regulator or auditor at any time covering any past period Remember: This skill exists so the firm can say โ to a client, a regulator, or an auditor โ "our systems are maintained, monitored, backed up, and compliant." That statement must be true and provable. Every feature in this skill exists to make it provable.
Category context
Identity, auth, scanning, governance, audit, and operational guardrails.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs1 Config
- SKILL.md
- EVALS.json