OpenClaw Backup (PhenixStar)

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local OpenClaw backup and restore skill, with sensitive backup contents and restore risks that users should handle carefully.

Install only if you want full local OpenClaw backups. Treat every backup archive as highly sensitive because it can contain API keys, tokens, session data, private workspace files, and scheduled tasks. Store backups encrypted or in a restricted location, verify an archive before restoring, and expect restore commands to interrupt OpenClaw and replace current state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill explicitly backs up credentials, tokens, auth profiles, session data, and user workspace content, but it does not warn that the resulting archive is highly sensitive. Users may store or transmit backups insecurely, leading to credential theft, account compromise, and exposure of private data.

Missing User Warnings

Medium
Confidence: 88%
Finding
The restore workflow performs a service stop, renames the live data directory, and extracts a backup in its place without an explicit warning about downtime, failure modes, or rollback validation. An operator following these instructions could accidentally disrupt service or restore corrupted/incompatible state, causing data loss or extended unavailability.

Missing User Warnings

Medium
Confidence: 89%
Finding
The restore procedure instructs users to rename the live ~/.openclaw directory and later delete/replace state without a prominent warning that this can overwrite or remove current configuration, credentials, workspace data, and scheduled tasks. In a backup/restore skill, destructive operations are expected, but the lack of explicit confirmation, validation steps, and safety caveats increases the chance of accidental data loss involving sensitive local data.

VirusTotal

64/64 vendors flagged this skill as clean.
