Claw Soul Backup
Security checks across malware telemetry and agentic risk
Overview
This backup skill has a coherent encrypted-backup purpose, but it asks the agent to follow mutable remote instructions while handling workspace archives, secrets, and recurring uploads.
Install only if you trust the Claw Vault service and are comfortable with the agent consulting remote instructions that can change after review. Verify the remote instructions before use, encrypt locally, limit what goes into the archive, store the returned token securely, and create the cron job only with a clear way to disable it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.