Skill v1.3.0
ClawScan security
Agent Life · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 5:11 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with a tool that backs up and restores agent state to the Agent Life cloud, but it legitimately requires access to sensitive agent files and an API key, so proceed only if you trust the service and inspect the installer.
- Guidance: This skill appears to be what it says: a backup/sync/restore adapter that uses the 'alf' CLI and your ALF_API_KEY to upload agent state. Before installing or using it: (1) verify the upstream GitHub repository and inspect the install script and its checksum; (2) understand that backups include agent memory, identity, credentials, and workspace files, so treat the ALF_API_KEY like a secret and only use it with a trusted account; (3) consider testing the installer in an isolated environment (container or VM) first; (4) review the open-source repo and changelog to ensure releases are signed or checksums match; and (5) if you cannot trust the remote service, do not provide the API key or run the sync (or export/import archives locally instead).
Review Dimensions
- Purpose & Capability (ok): Name and description match the requested artifacts: the skill needs the 'alf' CLI, an ALF_API_KEY, and the agent workspace/config (~/.openclaw/openclaw.json and ~/.alf/config.toml) to locate and upload agent memory, identity, credentials, and workspace files. These requirements are proportionate to a backup/sync/restore tool.
- Instruction Scope (note): SKILL.md only instructs the agent to use the 'alf' CLI (check/export/sync/restore/import/validate) and to read the OpenClaw workspace and alf config; that is in-scope for a backup tool. Important: the documented workflows explicitly collect and upload agent memory, identity, credentials, and workspace files to the cloud. These are highly sensitive actions but are expected for a backup/migration tool. The instructions advise inspecting the remote install script, which is good practice.
- Install Mechanism (note): The skill has no built-in install spec but points to a GitHub Releases repo and recommends running a raw GitHub-hosted install script (raw.githubusercontent.com). GitHub Releases/raw GitHub are common trusted sources, and the SKILL.md says the script verifies SHA256. Running a remote install script carries the usual risks; inspect and validate the script and checksum before executing.
- Credentials (note): Only ALF_API_KEY and two config paths are requested. These are directly related to cloud syncing and locating the agent workspace. However, those config paths and the backup operation will expose potentially sensitive agent credentials, memory, and workspace files to the remote service, so the requested access is sensitive though proportionate to the stated purpose.
- Persistence & Privilege (ok): The skill is user-invocable, not always-on, and does not request system-wide or cross-skill configuration changes. It does read user config files but does not claim elevated platform privileges.
