Backup OpenClaw Config

Security checks across malware telemetry and agentic risk

Overview

This backup skill does what it says, but it should be reviewed because it copies sensitive OpenClaw data and automatically deletes older backups without an opt-in prompt.

Review the shell script before installing or running it. Store generated backups somewhere private because they may contain tokens, memory, skills, and user data. Consider changing or disabling the 15-day cleanup unless you explicitly want old OpenClaw backup archives removed automatically.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (3)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill clearly instructs users to run shell scripts that create, modify, and restore files, yet the skill metadata declares no permissions. This is dangerous because it hides the true capability surface from any permission or review system, reducing informed consent and making destructive file operations easier to invoke without proper scrutiny.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 85% confidence
Finding: The stated purpose is backup and restore of configuration, but the documented behavior also includes retention-based deletion, backup of broader local data/workspace contents, and collection of host/user metadata. This mismatch matters because users may authorize the skill expecting narrow config handling while it actually performs additional persistence, deletion, and data collection actions involving sensitive material.

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: - Creates `openclaw_backup_YYYYMMDD_HHMMSS.tar.gz` archive - Creates `openclaw_backup_YYYYMMDD_HHMMSS.info` metadata file - Shows backup summary with file list and archive size - **Automatically deletes backups older than 15 days** to manage disk space ### Restore from Backup
Confidence: 81% confidence
Finding: Automatically delete

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal