Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Backup OpenClaw Config
v1.0.0
Backup and restore OpenClaw configuration files. Use when backing up OpenClaw settings before upgrades, transferring configuration to another machine, restor...
by AlexJu (@alexjunanjing-2)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The scripts and SKILL.md align with a backup/restore tool: they copy ~/.openclaw, ~/.config/openclaw, and ~/.local/share/openclaw, create timestamped tar.gz archives and .info metadata, and provide a restore flow. However, the shell and Python scripts disagree on the default backup directory (shell: /data00/backups/openclaw; Python: $HOME/backups/openclaw). The SKILL.md examples use $HOME/backups/openclaw. The /data00 default is unexpected for a user-facing tool and is not justified by the description.
Instruction Scope
SKILL.md instructs the agent/user to run the included scripts and to restart the OpenClaw gateway after restore. The scripts perform local file reads/writes and create metadata (hostname, user). They will include sensitive items (tokens/credentials) in backups; the SKILL.md warns about this but the scripts do not encrypt archives by default. The restore script will rename existing config directories to .bak and move files into place after a required 'yes' confirmation. No network endpoints or external data exfiltration are used by the scripts.
Install Mechanism
No install spec is provided; this is instruction-only with bundled scripts. Nothing is downloaded at install time, and no external URLs are fetched by the skill files. Risk from install mechanism is low.
Credentials
The skill requests no environment variables or credentials. The scripts use standard environment context (HOME, whoami/hostname) only. No extra secrets are required. That is proportionate to a local backup/restore utility.
Persistence & Privilege
always is false and there is no code that auto-enables or persists the skill. The skill does not attempt to modify other skills or system-wide agent settings. It performs file operations only within the config/workspace paths it claims to handle.
What to consider before installing
This skill is broadly what it claims to be, but review and adjust before use:
- Inspect the scripts before running. They will archive and extract your local OpenClaw config and workspace, including token files. The code is local and readable but will include sensitive data in backups.
- Fix the default path mismatch: the shell script uses /data00/backups/openclaw (likely wrong for most users) while the Python script and SKILL.md use $HOME/backups/openclaw. Set an explicit output directory when running to avoid writing to unexpected locations or requiring elevated permissions.
- Encrypt backups if they contain tokens/credentials (gpg or other) before storing or transferring; the scripts do not encrypt archives by default.
- Test a backup and restore on a non-production copy first to confirm behavior (the restore will move current config to .bak and overwrite files).
- Confirm cleanup behavior: the shell script deletes backups older than 15 days from the configured backup dir. Ensure that BACKUP_DIR is correct to avoid accidental deletion of other archives.
- Run scripts as the intended user (not root) and check permissions on created archives and .bak directories.
If you want to proceed, prefer invoking the Python script or the shell script with an explicit safe backup directory (e.g., in your home) and consider adding automatic encryption and stricter validation of inputs.
Like a lobster shell, security has layers — review code before you run it.
