Workspace Git Backup
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a real backup skill, but it should be reviewed because it installs a scheduled job that can automatically push all non-ignored files from the chosen Git directory, and the script does not enforce the repository URL stored in its config.
Review the backup path, repository privacy, and git remote before installing. Make sure .gitignore excludes secrets, tokens, local config, and files you do not want uploaded. Run one manual backup first, inspect the commit contents and remote, then enable the scheduled task only if you are comfortable with ongoing automatic pushes.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive files in the selected Git repository could be automatically uploaded, and a misconfigured existing repository could be pushed to an unexpected remote.
The backup script stages every non-ignored file under the configured backup path and performs a bare git push. It reads backupPath and updateTimestamp, but the provided source does not use the configured gitRemote value, so the push target is whatever remote/upstream the local Git repository currently uses.
BACKUP_PATH=...backupPath...; UPDATE_TIMESTAMP=...updateTimestamp...; git add .; git commit -m "$COMMIT_MSG"; git push
Before enabling scheduling, verify the output of git remote -v, use a private repository, add secrets and the backup config to .gitignore if needed, and prefer explicit remote/branch validation before each push.
Backups may continue to run and upload changes on the configured schedule until the scheduled task is removed.
The skill explicitly installs a recurring scheduled task, which is expected for automatic backups but means the script continues operating after the initial setup conversation.
Install scheduled task ... macOS (launchd): bash <skill-path>/scripts/install-launchd.sh ... Linux (cron): bash <skill-path>/scripts/install-cron.sh
Confirm the schedule is desired, review the created cron entry or LaunchAgent, and use the documented uninstall command if automatic backups are no longer wanted.
The skill can act through the user's GitHub/GitLab credentials for repository creation or pushing, which is expected but high-trust.
The setup can use an already-authenticated GitHub CLI account and Git's existing credentials to create repositories and push backup data.
If GitHub CLI (`gh`) is available and authenticated ... gh repo create <name> --private --source=<backup-path> --remote=origin
Check which account is logged in, prefer a private repository, and use least-privilege Git credentials or a dedicated backup repository.
Users may not get a complete capability warning from metadata alone before installing.
The registry metadata does not surface the local tools and account access implied by the skill's own instructions and scripts, such as git, optional gh, cron, and launchd.
Required binaries: none; Primary credential: none; Capability signals: No capability tags were derived.
Treat the SKILL.md and scripts as the source of truth, and declare the Git, scheduler, and credential expectations in the skill metadata.
