Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Backup 2 Github

v1.0.1

Backup personalized OpenClaw configuration and user data to a GitHub repo with single-commit history and optional dry-run preview.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (backup to GitHub) aligns with the code and SKILL.md: it scans OpenClaw config/memory/profile files and pushes a single-commit backup to a GitHub repo. However, the registry metadata declares no required environment variables or primary credential even though both the SKILL.md and backup.py require a GITHUB_TOKEN and usually a GITHUB_REPO setting. That manifest omission is an incoherence and a transparency issue.
Instruction Scope
SKILL.md and backup.py limit actions to reading configured OpenClaw workspace/home paths and pushing to a GitHub repo. This stays within the stated backup scope. Important caveat: the script can include optional sensitive files (credentials/*.json) and any paths added to BACKUP_FILES, and the restore action will overwrite local files. Those behaviors are consistent with a backup/restore tool but are sensitive operations that require user review and explicit configuration.
Install Mechanism
Installation is standard Python dependency installation (pip install -r requirements.txt) for PyGithub and python-dotenv. No obscure downloads, URL extracts, or external binary fetches are used in the provided files.
Credentials
The skill requires a GitHub Personal Access Token (GITHUB_TOKEN) and a repository name (GITHUB_REPO) to function, and the code reads these via dotenv/env. The registry metadata, however, lists no required env vars or primary credential — a meaningful mismatch. The script can back up credentials if enabled, so requesting a GitHub token is expected but must be declared and justified explicitly in metadata.
Persistence & Privilege
The skill does not request always: true and does not modify other skills or system-wide configs. It performs normal backup/restore filesystem writes under the specified OpenClaw workspace/home paths; restore requires interactive confirmation ('yes').
Scan Findings in Context
[manifest-env-mismatch] unexpected: No pre-scan regex findings, but the skill manifest/registry metadata lists no required environment variables while SKILL.md and backup.py clearly require GITHUB_TOKEN and (optionally) GITHUB_REPO. This is an important transparency/integrity mismatch.
What to consider before installing
Before installing or running this skill:
1) Treat the GitHub Personal Access Token (GITHUB_TOKEN) as sensitive: give it the minimal scope (repo) and store it securely (do not commit it).
2) Inspect BACKUP_FILES and EXCLUDE_PATTERNS inside backup.py to ensure no secrets or unexpected paths (e.g., credentials/*.json, SSH keys, or other sensitive files) are included.
3) Use --dry-run first to verify what will be sent, and prefer a private repository for backups.
4) Note the hardcoded WORKSPACE/HOME paths (/root/.openclaw): adjust them if your OpenClaw runs as a non-root user or to avoid exposing other root-owned files.
5) Be aware that restore overwrites files: confirm backups and test restores in a safe/sandboxed environment before relying on this in production.
6) Consider asking the publisher to correct the registry metadata to declare required env vars (GITHUB_TOKEN, GITHUB_REPO) so the manifest accurately reflects the credential needs.
