Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Zhuaxia
v0.4.1
Export and import OpenClaw instances as portable .claw packages for backup, sharing, and migration. Use when: user wants to back up, share, migrate, or resto...
by kissrain@lovelcp
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The claimed purpose (export/import OpenClaw instances) matches the included CLI script and file operations. Required binary 'node' is reasonable. However, the SKILL.md instructs running 'clawhub list' (and references clawctl for rollback) even though 'clawhub' (or clawctl as a separate binary) is not declared as a required binary — a minor incoherence.
Instruction Scope
The SKILL.md explicitly tells the agent to 'silently gather' local data (ls ~/.openclaw/workspace/, cat IDENTITY.md, check ~/.openclaw/openclaw.json, search common folders for .claw files) before asking the user. Reading these user files is plausible for export/import, but doing so without asking is scope creep and a privacy risk. The instructions also run an external tool ('clawhub') not declared in requirements.
Install Mechanism
There is no network install spec and no downloads; the skill ships a local Node script (scripts/clawctl.mjs) and expects node on PATH, which is proportionate. No extract-from-URL or third-party package install step was specified in registry metadata.
Credentials
The skill does not request environment variables or credentials. It does read files under ~/.openclaw (workspace, IDENTITY.md, config), which is consistent with backing up an OpenClaw instance, but users should be aware those files can contain sensitive information despite claims of automatic stripping.
Persistence & Privilege
The skill is not marked 'always: true' and does not request elevated or system-wide configuration changes. It creates backups under ~/.openclaw/.zhuaxia-backups/ (expected for its purpose) and does not appear to modify other skills' configs per the provided instructions.
What to consider before installing
Things to consider before installing:
- The skill will read files under ~/.openclaw (IDENTITY.md, config, workspace) and search common folders for .claw files. This is consistent with backup/import, but the SKILL.md says these reads happen 'silently' before asking — if you don't want that, don't allow the skill to run until you've reviewed it.
- The instructions call an external command 'clawhub' (and reference clawctl usage) but the skill metadata only declares node as required. Confirm that 'clawhub' is present on your system or understand what will happen when that command is missing.
- Review scripts/clawctl.mjs yourself (or run it in an isolated sandbox) to verify there are no network exfiltration calls, that credential-stripping works as claimed, and that backups are created where you expect.
- If you plan to share .claw files, inspect a generated package in a safe environment and verify secrets were removed before distributing.
- If unsure, run the tool manually from a terminal (node scripts/clawctl.mjs --help) rather than allowing autonomous agent invocation, and consider running it on a disposable VM or container first.

Like a lobster shell, security has layers — review code before you run it.
latest vk978df69yvr922q4b4xex66jnx832wyn
Runtime requirements
🦐 Clawdis
Bins: node
