Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Backup Recovery Toolkit
v1.0.0 · Enterprise-grade backup and recovery toolkit supporting file backup, database backup, incremental backup, scheduled tasks and disaster recovery.
by Lv Lancer (@kaiyuelv)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The code implements file, incremental and database backups and references external tools (mysqldump, pg_dump, mongodump) via subprocess calls, and requirements.txt includes SSH/crypto libraries for remote backups—these are coherent with a backup tool. However, the skill metadata declares no required binaries even though the code expects system binaries for DB dumps. Also the registry notes 'No install spec' even though the bundle contains code and a requirements.txt (so nothing will be automatically installed). The missing declaration of required system binaries and the lack of source/homepage reduce transparency.
Instruction Scope
SKILL.md shows CLI and Python API usage that expects users to provide file paths and DB credentials. The instructions don't ask for unrelated system data. However, the examples and README show DB passwords being passed in code and on the CLI; the code uses subprocess to run native DB clients, which executes external binaries and can expose credentials via process arguments. The provided scripts run filesystem operations (expected for backups).
Install Mechanism
There is no automated install spec; the README and requirements.txt instruct pip install -r requirements.txt. That's lower-risk than an arbitrary binary download, but because installation is manual the user must run pip themselves. No archive downloads or extract steps were used. The absence of an install step means dependencies and system binaries must be present on the host for the tool to work.
Credentials
The skill does not declare required environment variables or credentials, which aligns with examples that pass DB credentials as function args. But DatabaseBackup constructs subprocess commands that embed passwords (e.g. '-p{password}' for mysqldump) and sets PGPASSWORD for pg_dump; both approaches risk credential exposure (process listing, shell history). No unrelated secrets are requested, but credential-handling practices are potentially insecure and should be reviewed.
Persistence & Privilege
The skill is not force-included (always:false) and is user-invocable. It does not request to modify other skills or system-wide agent settings. Autonomous invocation is allowed by platform default but does not combine here with always:true or broad undisclosed credential access.
What to consider before installing
This package largely behaves like a normal backup toolkit, but review and precautions are recommended before installing or running it:
- Verify presence of system binaries: the code calls mysqldump, pg_dump and mongodump via subprocess but the skill metadata does not declare these required binaries. Ensure these tools exist on any host where you run this.
- Inspect the full scripts/backup_toolkit.py (the provided listing was truncated) to confirm there are no hidden network endpoints or unexpected data exfiltration paths (especially code that would use paramiko/cryptography to send backups remotely).
- Avoid passing DB passwords on the command line or hard-coding them. The current examples & implementation may expose credentials via process lists; prefer using secured credential stores or connection files.
- Run the code first in a disposable, limited-permission environment (container or VM) with test data to confirm behavior and that only intended files are read and written.
- If you need remote backup features, confirm how SSH keys/credentials are handled; do not supply high-privilege keys without auditing the remote-transfer implementation.
Because the repository lacks an install spec and does not declare required system binaries, treat the package as potentially incomplete and verify these gaps before trusting it with production data.
