ClawHub

Backup

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward OpenClaw backup-and-restore skill, but its backups can contain sensitive credentials and sessions, so users should protect the archive carefully.

Install only if you want full OpenClaw backups. Store backup archives somewhere private, preferably encrypted, because they may contain API keys, auth profiles, Telegram sessions, workspace memory, user files, and scheduled tasks. Before restoring, verify the backup source and contents, make a separate copy of your current ~/.openclaw directory, and understand that restore can replace newer configuration or reintroduce old credentials and cron jobs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The backup scope explicitly includes credentials, tokens, agent auth profiles, session data, and user files, but there is no warning or guidance on protecting the resulting archive. This is dangerous because backups often get copied to less protected locations, and an unencrypted archive containing secrets can lead to credential theft, account compromise, and disclosure of sensitive user data.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The restore procedure replaces the live ~/.openclaw directory with backup contents without warning that this can overwrite newer data, revert configuration, or restore stale credentials and scheduled tasks. In a security context, restoring old secrets or task definitions can reintroduce compromised state and cause integrity or availability issues.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The restore workflow replaces the user's live ~/.openclaw directory and the rollback path permanently deletes ~/.openclaw before restoring the previous copy, but the document does not prominently warn about data loss, credential handling, or the need to verify backup provenance and contents. Because the backup contains sensitive material such as credentials, agent auth, workspace data, and Telegram sessions, unsafe or mistaken use could overwrite good state, expose secrets, or restore compromised data.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: openclaw-backup
description: Backup and restore OpenClaw data. Use when user asks to create backups, set up automatic backup schedules, restore from backup, or manage backup rotation. Handles ~/.openclaw directory archiving with proper exclusions.
---

# OpenClaw Backup
Confidence
74% confidence
Finding
create backups, set up automatic backup schedules, restore from backup, or manage backup rotation. Handles ~/.openclaw directory archiving with proper exclusions. --- # OpenClaw Backup Backup and re

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal