v1.0.0

Auto Backup Pro

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:15 AM.

Analysis

This backup skill has a coherent purpose, but it asks for recurring broad backups and restores of workspace/memory data, potentially to cloud storage, without clear limits or safety controls.

GuidanceReview this carefully before installing. If you use it, restrict backups to specific folders, exclude credentials and secrets, enable encryption for sensitive data, confirm any cloud destination, and require explicit approval for scheduled jobs and restores.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents

SeverityMediumConfidenceHighStatusConcern

SKILL.md

定时自动备份（每小时/每天） ... 失败自动重试

The skill is designed to keep running on a schedule and retry failures, but the artifacts do not define stop conditions, user approvals, or containment limits.

User impactThe agent could continue copying data and consuming storage after the initial request unless the user explicitly controls the schedule and retention.

RecommendationRequire explicit user approval for any schedule, document how to pause or delete scheduled backups, and set clear retention and storage limits.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

"立即备份所有文件" ... "恢复上次的备份"

The skill advertises broad backup and restore actions that can copy or overwrite many files, but does not describe confirmations, dry runs, exclusions, or conflict handling.

User impactA broad backup may collect more data than intended, and an unsafe restore could overwrite current files or reintroduce unwanted data.

RecommendationUse dry-run previews, confirm exact paths before backup or restore, avoid 'all files' operations by default, and require explicit confirmation before overwriting files.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

The skill has no code to inspect and no install mechanism, but its provenance and implementation details are not documented.

User impactThe lack of source or homepage makes it harder to understand who maintains the skill or how its promised backup behavior is meant to be implemented.

RecommendationPrefer skills with clear maintainers, documentation, and implementation details, especially for backup, restore, and cloud-storage workflows.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityMediumConfidenceHighStatusConcern

SKILL.md

定时备份重要文件到本地/云端 ... "sourceDirs": ["workspace", "memory"], ... "encryption": false

The skill proposes copying workspace and memory data to backup storage, including possible cloud storage, and the example configuration leaves encryption disabled.

User impactPrivate project files, agent memory, secrets, or sensitive notes could be copied into backups or cloud storage without encryption by default.

RecommendationOnly use narrowly chosen source folders, exclude secrets and credentials, enable encryption for any sensitive or cloud backup, and confirm where backups are stored.