v1.0.0

Backup of conversations to Obsidian

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 4:52 AM.

Analysis

The skill largely does what it says, but it persistently backs up private conversation logs and includes under-declared Telegram credential/network handling that users should review carefully.

GuidanceReview the scripts before installing, especially the Telegram warning section. Use the skill only if you are comfortable with your Clawdbot conversation logs being copied into the chosen Obsidian vault on an ongoing schedule, replace or remove the example Telegram chat ID, and make credential use explicit before enabling cron.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents

SeverityLowConfidenceHighStatusNote

SKILL.md

0 * * * * /path/to/obsidian-conversation-backup/scripts/monitor_and_save.sh

The documented setup asks the user to add an hourly cron job, creating ongoing automatic backup behavior.

User impactAfter setup, the backup script will keep running on a schedule and writing new conversation snapshots until the cron entry is removed.

RecommendationOnly add the cron job if ongoing automatic backups are desired, and document how to disable it with crontab -e.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

No install spec — this is an instruction-only skill; Required binaries: none; Primary credential: none

The registry metadata under-declares the included installer/scripts and documented jq, cron, and optional Telegram behavior.

User impactUsers relying only on registry metadata may miss that they need to review and run local shell scripts and configure scheduled execution.

RecommendationUpdate metadata to declare the installer, jq/cron requirements, optional curl/Telegram behavior, and relevant config paths.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusConcern

scripts/monitor_and_save.sh

BOT_TOKEN=$(jq -r '.telegram.token' /root/.clawdbot/clawdbot.json 2>/dev/null)

The script reads a local Telegram credential from the Clawdbot configuration even though the registry declares no primary credential, required environment variables, or config paths.

User impactThe skill may use an existing local Telegram bot token to send warning messages, so users should know exactly which credential and chat destination are being used.

RecommendationDeclare the Telegram credential requirement explicitly, load it only from a user-approved config or environment variable, and document the destination chat ID before enabling cron.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityMediumConfidenceHighStatusNote

scripts/save_full_snapshot.sh

cat "$SESSION_FILE" | while IFS= read -r line; do
    echo "$line" | jq -r -f /root/clawd/format_message_v2.jq.txt 2>/dev/null
done >> "$SNAPSHOT_FILE"

The script converts the full latest session JSONL into a persistent markdown snapshot in the Obsidian vault.

User impactPrivate conversation content, including any secrets typed into chats, can be stored long-term in Obsidian markdown files.

RecommendationUse a private vault, review what is being backed up, and consider adding exclusions, retention limits, or manual review before syncing the vault elsewhere.

Insecure Inter-Agent Communication

SeverityLowConfidenceMediumStatusNote

config.example.txt

CHAT_ID="440263016"

The example Telegram configuration contains a concrete chat ID rather than a blank or placeholder value, while the feature is described as sending warnings to the user's Telegram chat.

User impactIf a user copies or exports this value without replacing it, Telegram warnings could be directed to an unintended chat destination.

RecommendationReplace the example chat ID with an empty value or obvious placeholder, and require users to set their own chat ID explicitly.