ClawHub

OpenClaw Backup

Security checks across malware telemetry and agentic risk

Overview

This backup skill appears purpose-aligned, but it copies highly sensitive local agent data and can set up scheduled backups without enough safety guidance.

Review the backup destination, file permissions, retention policy, and cron schedule before installing. Treat generated archives as secrets, prefer encrypted storage, and avoid enabling automatic backups unless you are comfortable copying credentials and session history into that location.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The changelog explicitly states that backups include credentials and session history, which are highly sensitive data types, but provides no warning about the confidentiality risks or guidance on securing backup archives. In the context of a backup skill that stores timestamped tar.gz archives in a user directory and may run automatically via cron, this increases the chance that secrets and private activity history are copied into locations that are less protected, retained too long, or exfiltrated if the host is compromised.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are generic enough to match normal user requests about backups, which can cause the skill to activate unexpectedly. Because the skill performs backup, verification, cleanup, and cron setup actions, accidental invocation could lead to unintended data handling or system changes.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation states that backups include sensitive material such as credentials, session history, workspace files, and settings, but it does not clearly warn about privacy, storage security, or restoration risks. Users may create archives containing highly sensitive data without understanding how they should be protected, copied, or deleted.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal