ClawHub

openclaw-gitbak

Security checks across malware telemetry and agentic risk

Overview

This backup/restore skill is coherent, but it can push broad OpenClaw data to a default external Git remote and restore can delete local files without confirmation.

Review before installing. Edit config.sh so the Git host and organization point to repositories you control, inspect every backup path, and make a separate local copy before running any restore. Avoid restore.sh all until you have tested each target in a temporary directory, and review .gitignore so secrets, sessions, and private workspace files are not committed or pushed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents destructive backup and restore commands without warning the user that running restore may overwrite existing configuration or workspace files. In a backup/restore context this is plausibly expected behavior, but the lack of cautionary guidance increases the chance of accidental data loss or unintended repository-driven modification of a user's environment.

Missing User Warnings

High
Confidence
95% confidence
Finding
When the target directory exists but is not already configured with an origin remote, the script deletes all non-.git files before adding the remote and pulling. This can destroy local user data or configuration without an explicit confirmation, backup, dry-run, or even a strong warning, making accidental irreversible data loss likely during normal use.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal