backup claw

Security checks across malware telemetry and agentic risk

Overview

This is a local backup-and-restore helper for OpenClaw configuration, with expected risks around copying sensitive config files and restoring over current settings.

Install this only if you want local backups of OpenClaw configuration. Use a private backup directory with appropriate filesystem permissions, avoid shared or synced destinations unless you trust them, and confirm restores only from backup dates you recognize.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Rogue AgentSelf-Modification, Session Persistence
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The implementation note explicitly says to provide clear error messages in Chinese when appropriate, which can steer output language without explicit user opt-in. While not a traditional security flaw, it can violate user-preference and policy expectations, especially in systems where language choice affects usability, auditability, or accessibility.

Session Persistence

Medium

Category: Rogue Agent
Content: 2. If exists, read "backup_location" field 3. If missing or file doesn't exist: - Ask user for backup directory path - Create `~/.openclaw/backup.json` with the provided path - Confirm path to user **Change backup directory (changedir command):**
Confidence: 88% confidence
Finding: Create `~/.openclaw/backup.json` with the provided path - Confirm path to user **Change backup directory (changedir command):** When user runs `backupclaw changedir <new_path>`: 1. Validate new pa

VirusTotal

42/42 vendors flagged this skill as clean.

View on VirusTotal