ClawHub

Openclaw Backup

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real OpenClaw backup and restore skill, but it handles credentials, sessions, workspace data, and scheduled tasks with limited safety warnings or restore safeguards.

Review before installing. Use it only if you are comfortable creating archives that contain OpenClaw credentials, API tokens, session data, workspace files, and scheduled tasks. Store backups privately, preferably encrypted, and do not share them. Before restoring, inspect the archive, verify it came from a trusted backup, and make a separate copy of your current ~/.openclaw state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly backs up credentials, tokens, auth profiles, session data, and user files, but does not prominently warn that the resulting archive contains highly sensitive material. Users may store, transfer, or expose these backups insecurely, leading to credential theft, account compromise, and disclosure of private workspace data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The restore flow replaces the active ~/.openclaw state after moving the existing directory aside, but it does not clearly warn that the operation is destructive and may roll back or replace current configuration, credentials, schedules, and workspace data. This can cause unintended data loss, confusion, or restoration of stale or compromised state if the wrong archive is used.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The restore instructions perform destructive file operations that overwrite or remove an existing OpenClaw installation without an explicit warning, confirmation step, or validation of backup contents. In a backup/restore skill this is contextually plausible, but it is still dangerous because users may irreversibly lose current data if they follow the steps on the wrong system or with an invalid backup.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: openclaw-backup
description: Backup and restore OpenClaw data. Use when user asks to create backups, set up automatic backup schedules, restore from backup, or manage backup rotation. Handles ~/.openclaw directory archiving with proper exclusions.
---

# OpenClaw Backup
Confidence
89% confidence
Finding
create backups, set up automatic backup schedules, restore from backup, or manage backup rotation. Handles ~/.openclaw directory archiving with proper exclusions. --- # OpenClaw Backup Backup and re

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal