Cloud Backup [S3 R2 B2 ..]

Type: OpenClaw Skill Name: openclaw-cloud-backup Version: 1.0.0 The skill is classified as suspicious due to the `scripts/openclaw-cloud-backup.sh` script sourcing the user-editable configuration file (`~/.openclaw-cloud-backup.conf`). While this file is intended for non-secret settings and the skill does not intentionally introduce malicious content, sourcing an arbitrary file can lead to arbitrary code execution if an attacker gains write access to this configuration file. This represents a local vulnerability, not intentional malice. Other security measures, such as path traversal validation for tar archives and checksum verification, are well-implemented, and the `SKILL.md` instructions do not exhibit prompt injection attempts.