openclaw-backup-guide

Security checks across malware telemetry and agentic risk

Overview

This backup skill is purpose-related, but it includes a script that would copy workspace and database data to an author-specific NAS path if run unchanged.

Review and edit before installing or running. Do not enable cron or run backup-nas.sh until all author-specific paths and destinations are removed, backup scope is narrowed, secrets and private databases are excluded unless intentionally included, and any GitHub/NAS destination is private and controlled by you.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The README promotes automated database backup, NAS synchronization, and Git push workflows without clearly warning that workspace data may be copied to external systems or remotes. In a skill context, users may follow the documented setup and unintentionally exfiltrate sensitive files, credentials, or internal data to GitHub or network storage, especially when cron automation is involved.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal