Context-Inappropriate Capability
Medium
- Confidence
- 95% confidence
- Finding
- The skill explicitly classifies highly sensitive paths and credential/config directories such as /etc, /root, ~/.ssh, ~/.gnupg, ~/.aws, and ~/.docker as 'important' and then retains copies/snapshots of their contents under ~/.openclaw/minivcs. In a file-protection tool, this expands scope beyond ordinary project files into secrets and system configuration, creating a secondary datastore of sensitive material that can be exposed, restored into unintended locations, or harvested if the agent account is compromised.
