Back to skill
Skillv1.0.0
ClawScan security
backup claw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 6:34 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (backup/restore ~/.openclaw excluding workspace); no unexpected network access or credential requests were found.
- Guidance
- This skill appears coherent and does what it says: local backup/restore of ~/.openclaw/ excluding workspace. Before installing or running it, make sure: (1) the host has the required CLI tools (rsync, diff, find, date) since they are used but not declared; (2) you pick a safe, writable backup directory (the script will store that path in ~/.openclaw/backup.json); (3) you review the scripts if you have files with unusual names (spaces/newlines) because simple diff parsing can mis-handle edge cases; and (4) run the scripts interactively (they prompt for confirmation on restore) rather than granting them blanket autonomous execution. No network exfiltration, credential access, or other suspicious behavior was found.
Review Dimensions
- Purpose & Capability
- okThe name/description, SKILL.md, and the two included shell scripts all focus on backing up and restoring ~/.openclaw/ (excluding workspace) to a date-stamped directory and recording a changelog. The required actions (copy, diff, directory management) are consistent with the stated purpose.
- Instruction Scope
- okRuntime instructions and the scripts only read/write local paths (~/.openclaw and the user-provided backup directory) and prompt the user before destructive actions. There are no instructions to read unrelated system paths, exfiltrate data, or send data to external endpoints. The SKILL.md does reference common CLI tools (rsync, diff, find, date) which are used by the scripts.
- Install Mechanism
- noteThere is no install spec (instruction-only) and the skill ships two bash scripts. This is low-risk. One minor inconsistency: the registry metadata lists no required binaries, yet SKILL.md and the scripts expect rsync, diff, find, date, and standard shell utilities. The skill does not supply or declare installation of those tools.
- Credentials
- okNo credentials or environment variables are requested. The scripts use $HOME implicitly for ~/.openclaw and accept the backup root directory as an explicit parameter; this is proportionate to the task.
- Persistence & Privilege
- okalways is false and the skill does not request permanent presence or modify other skills or global agent configuration. It prompts for confirmation before overwriting configuration.