Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Langfuse Backup

v1.0.2

Docker volume backup and restore for self-hosted Langfuse. Use when: backing up a self-hosted Langfuse instance, restoring Langfuse after a crash or migratio...

by Nissan Dookeran (@nissan)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name, description, and scripts align: it performs local Docker-based backups and restores of Postgres and MinIO volumes. Requiring the docker binary is appropriate. Minor mismatches: the backup script invokes python3 to build the manifest, but python3 is not listed in the required binaries, and the backup and restore scripts use docker run alpine, which will pull the image if it is not present (implying transient network access).
Instruction Scope
The SKILL.md and included scripts stay within the stated scope (reading Docker volumes, creating local tar/gzip dumps, writing backups to a user-specified local directory). However: (1) the scripts create a manifest that includes hostname and timestamps (identifying metadata), which some users may not expect; (2) docker run --rm alpine ... will pull the alpine image if absent, causing outbound network activity despite the metadata claiming outbound: false; and (3) the restore script will drop/create the database and overwrite data: destructive operations that require explicit user awareness and confirmation (the script prompts but will proceed if confirmed).
Install Mechanism
Instruction-only skill with two shell scripts; there is no install spec and nothing is written to disk by an installer. This minimizes install-time risk.
Credentials
No credentials or secrets are requested. The scripts accept a handful of environment variables for configuration (backup dir, container names, DB name/user), which are reasonable and proportional to the task.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or global agent settings. The scripts do require local Docker privileges (expected for a Docker-volume backup/restore tool) and will start/stop containers as part of restore operations.
What to consider before installing
This script bundle appears to be what it says: a local Docker-volume backup/restore for Langfuse. Before installing or running: (1) review the two shipped scripts yourself — they will drop/create the DB and overwrite MinIO data during restore; (2) ensure you have docker and python3 available (the backup script invokes python3 for manifest generation); (3) be aware docker run --rm alpine ... will pull the alpine image from Docker Hub if it isn't already present, so the claim "outbound: false" is optimistic unless you pre-pull images or are offline; (4) test in a non-production environment first and confirm LANGFUSE_COMPOSE_DIR and container names match your setup; (5) backups and pruning use the backup directory you specify — verify its path and permissions to avoid accidental deletion of other data. If you need strict no-network guarantees, either pre-pull required images (alpine) and ensure no image pulls are necessary, or review/modify the scripts to avoid docker run image pulls.


latestvk972wn2ghgw4gc1kmsrea3zhys83s9gr


Runtime requirements

💾 Clawdis
Bins: docker
