This backup skill mostly matches its stated purpose, but it needs review because some diagnostic and migration paths can execute local config files as shell code and a restore check contacts Telegram unexpectedly.
Install only if you are comfortable with a shell-based backup tool that can read and restore your OpenClaw workspace, extensions, and config. Treat .env.backup, .env.backup.secret, .env.backup.notify, and generated migrate .env files as trusted executable inputs, use --encrypt-config before any WebDAV upload, run dry-runs before restore or deletion, and avoid sharing portable exports unless you have reviewed their contents and metadata.