Skill v1.0.2
ClawScan security
Restic Home Backup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 8:49 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and instructions are coherent with its stated purpose (setting up restic backups); it defaults to a safe PLAN-ONLY mode and does not request unrelated credentials or hidden endpoints.
- Guidance: This skill appears to do what it says, but review and run it safely:
  1. Read scripts/bootstrap_restic_home.sh yourself before running.
  2. Run it in PLAN-ONLY mode first (no --apply) to inspect the proposed changes.
  3. Ensure restic is installed and reachable at /usr/bin/restic (adjust script if restic is elsewhere).
  4. Be prepared that the script will create /etc/restic-home.env and a password file at /etc/restic-home/password (chmod 600). If you prefer an existing password file or secret manager, supply that path via --password-file.
  5. Only run with --apply and enable timers when you accept the systemd/unit changes and understand where your repository (S3/SFTP/local) stores data and credentials.
  6. If you need this on non-standard home paths (e.g., root), verify the script handles that or modify accordingly.
Review Dimensions
- Purpose & Capability (ok): Name, description, SKILL.md workflow, ops checklist, and the bootstrap script all align: they implement restic-backed home-directory backups, systemd timers, retention/prune, and validation. The included script performs exactly the described tasks and enforces a plan-only default.
- Instruction Scope (note): Instructions explicitly require user confirmation (or --apply) before writing to /etc, /usr/local/bin, or systemd, and the script enforces plan-only by default. The script does create credential and unit files, source /etc/restic-home.env, and may generate a password file under /etc/restic-home/password; these actions are expected for the stated purpose. Small caveat: SKILL.md promises 'Never print secrets'; the script prints the path to the generated password file but not the password itself, which matches the promise. Overall scope is appropriate.
- Install Mechanism (ok): This is an instruction-only skill with one included helper script; there is no automated installer or downloaded code from external URLs. Risk from install mechanism is low.
- Credentials (note): The skill requests no environment variables or credentials in metadata, and it doesn't transmit secrets externally. The bootstrap generates and stores a password file and an /etc/restic-home.env file (both with chmod 600), which is appropriate. Minor mismatch: metadata does not list required binaries (restic, and optionally openssl), though the script checks for restic and uses openssl if available.
- Persistence & Privilege (ok): The script writes system files and creates/enables timers only when run with --apply; the skill is not always-enabled and does not request privileged persistent presence in the agent. This level of system access is expected and described in the SKILL.md.
