Openclaw Backup
PassAudited by ClawScan on May 1, 2026.
Overview
This skill matches its stated backup purpose, but the Desktop backup includes OpenClaw API keys that should be protected.
This appears to be a straightforward local backup skill. Before using it, remember that the generated Desktop folder contains OpenClaw credentials/API keys, so do not share it, upload it casually, or leave old copies unprotected.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or anything with access to the created Desktop backup folder could read the copied OpenClaw API keys.
The script copies the local OpenClaw credentials directory into a Desktop backup folder. This is disclosed and aligned with the backup purpose, but it creates an additional copy of API keys.
BACKUP_DIR="$HOME/Desktop/OpenClawBackup-$DATE" ... cp -r ~/.openclaw/credentials "$BACKUP_DIR/"
Run it only when you want this backup, keep the backup folder private, consider storing it in encrypted storage, and delete old backups when they are no longer needed.