Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Backup Pro
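v1.0.0
Automatically backs up important files to local or cloud storage on a schedule, with support for incremental backup, compression and encryption, backup verification, and automatic retry on failure, to keep data safe.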
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The README claims local and cloud backups, encryption, verification, and retries, but the skill declares no required credentials, no binaries, and no install steps. A cloud-capable backup ordinarily needs explicit cloud credentials (S3/GCS/Azure, etc.) or an agent integration; that is not specified. The example config also includes sourceDirs: ["workspace", "memory"], which goes beyond a typical file-backup scope and implies access to agent-internal data.
Instruction Scope
SKILL.md is high-level and grants broad discretion (scheduling, incremental backups, compress/encrypt) but gives no safe limits or concrete steps. The default configuration targets 'memory' in addition to 'workspace' — instructing the agent to read/backup its own memory or internal state could capture secrets and user data. The doc lacks confirmation steps for destructive actions (restores, overwrites) and provides no guidance on where encryption keys come from.
Install Mechanism
There is no install spec and no code files (instruction-only). That minimizes on-disk risk because nothing is automatically downloaded or installed by the skill package itself.
Credentials
The skill declares no required environment variables or primary credential, yet advertises cloud backup and encryption features that normally require credentials or key material. The presence of 'memory' as a source is disproportionate because it may access sensitive internal state without requesting or documenting necessary safeguards or explicit user approval.
Persistence & Privilege
The skill is not marked 'always:true', but model invocation/autonomy is allowed by default. Autonomous scheduled backups are a plausible use-case, but combined with the instruction to back up 'memory' and the lack of access controls, autonomous operation increases risk. The skill does not document how scheduling or agent-initiated runs will be gated by user consent.
What to consider before installing
This skill is ambiguous and potentially risky. Before installing:
1) Ask the author to explain exactly how cloud backups authenticate (which providers, where credentials are stored, and whether credentials are required).
2) Ask them to remove 'memory' from default sourceDirs or explicitly explain what 'memory' contains and how secrets are excluded.
3) Require clear restore safeguards (confirmation before overwrite) and documentation on encryption key management.
4) Prefer a version that declares required env vars and an install method (or provides audited code) so you can review where data is sent.
5) If you must try it, run it in a sandboxed agent with no access to secrets or production data and monitor network activity.
If these questions are not satisfactorily answered, do not enable autonomous/scheduled runs.
Like a lobster shell, security has layers — review code before you run it.
