safe-backup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local backup utility, but users should treat its archives and optional remote-storage examples as potentially sensitive.

Install only if you want OpenClaw state/workspace backups. Before running it, confirm the source directories, review the generated archive contents, delete unencrypted local copies when done, and do not follow the GitHub or remote rsync examples unless the destination is private and you have verified that secrets and private workspace files are excluded or encrypted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 87%
Finding
The skill is presented as a local backup utility, but its documented workflow explicitly includes uploading extracted backup contents to a private GitHub repository and syncing to a remote server. That expands the data exposure surface beyond the stated purpose and may cause an agent or user to transmit sensitive state remotely, even if unintentionally.

Vague Triggers

Medium
Confidence: 78%
Finding
The manifest description uses broad trigger language like backup, export, or save state, which could cause the skill to activate on ordinary user requests that do not imply consent for packaging large portions of local state and workspace data. In a backup skill, overbroad invocation increases the chance of unintended collection and disclosure of sensitive files.

VirusTotal

66/66 vendors flagged this skill as clean.
