Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Workspace Sync & Backup

v2.4.0

Sync agent workspace with cloud storage (Dropbox, Google Drive, S3, etc.) using rclone.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description match the included scripts: the skill uses rclone to sync a workspace. Requiring rclone is appropriate. However, SKILL.md describes mailbox-style inbox/outbox automation (push+drain) while the provided scripts implement generic bisync/push/pull operations and setup; mailbox-specific automation (automatic moves between cloud:_outbox and local _inbox) is described but not implemented in the supplied scripts, suggesting a partial mismatch between documentation and shipped code.
Instruction Scope
SKILL.md and scripts stay within sync/backup scope (they check/install rclone, run rclone config, sync files, and write local status files). The setup script runs rclone's interactive config flow (which will capture provider credentials into a local rclone.conf). The scripts reference environment variables (OPENCLAW_STATE_DIR, RCLONE_CONFIG, WORKSPACE_SYNC_REMOTE, etc.) that are not listed as required in metadata—these are optional but affect where credentials and state are written. No instructions attempt to read unrelated user data beyond the workspace dir and rclone config.
Install Mechanism
setup.sh can auto-install rclone by running: curl -fsSL https://rclone.org/install.sh | sudo sh. Piping a remote install script into sudo sh is high-risk: although rclone.org is the official source, executing a fetched script with elevated privileges is dangerous if the URL were ever compromised. Homebrew is used on macOS (low-risk). There is no packaged install spec in registries; install is manual/interactive via the included script.
Credentials
The skill declares no required env vars or credentials, which is reasonable because rclone handles provider auth. However, the scripts rely on several optional env vars (OPENCLAW_STATE_DIR, RCLONE_CONFIG, WORKSPACE_SYNC_REMOTE, WORKSPACE_SYNC_LOCAL_PATH, WORKSPACE_DIR) and by default write rclone's config and credentials under ~/.openclaw. The skill does not explicitly surface that it will create and store provider credentials on disk, which users should be aware of.
Persistence & Privilege
always:false (no forced presence). The skill supports automatic sync triggers (on-session start/end, periodic interval) via agent config, which is normal for a sync plugin. It does not request elevated platform-wide privileges or modify other skills' configurations. Autonomous invocation is allowed (platform default) and appropriate for this feature, but users should be mindful of automatic sync timing and notifyOnInbox settings.
What to consider before installing
This skill appears to do what it says (rclone-based workspace sync) but take these precautions before installing/running:
- Inspect setup.sh before running. It may prompt to install rclone and includes a curl | sudo sh install path; prefer installing rclone via your OS package manager (brew/apt/etc.) rather than piping a remote script to sudo.
- Understand where rclone will store credentials (RCLONE_CONFIG or ~/.openclaw/rclone/rclone.conf by default). Those files will contain your cloud provider tokens — review and protect them.
- The SKILL.md describes mailbox automation; the included scripts implement generic sync commands (bisync/push/pull). Test in --dry-run mode and use small test folders first to verify behavior, especially before using bisync or --resync (destructive).
- Use and review the .sync-excludes file to avoid accidentally syncing secrets or large data.
- If you need stricter guarantees, set explicit env vars (OPENCLAW_STATE_DIR, RCLONE_CONFIG, WORKSPACE_SYNC_REMOTE, WORKSPACE_DIR) so state and credentials land where you expect.
- If you want to avoid remote script execution risk, decline the automatic install option and install rclone manually, then run setup.sh only for the rclone config steps.

Like a lobster shell, security has layers — review code before you run it.



Runtime requirements

☁️ Clawdis
Bins: rclone
