Duplicati Backup Manager

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets an agent check and start Duplicati backups, but users should treat its long-lived backup token carefully.

Install only if you are comfortable giving the agent authenticated access to your Duplicati server. Protect the token, avoid committing openclaw.json, prefer a shorter-lived or revocable token if Duplicati supports it, restrict the Duplicati API to trusted networks, and confirm the backup name or ID before allowing the agent to start a job.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 96%
Finding
The README explicitly instructs operators to enable issuance of a 10-year 'Forever Token', generate it, and place it into the agent configuration, but it does not warn that this is a highly sensitive bearer credential with broad, reusable access. Long-lived bearer tokens materially increase exposure from config leaks, backups, screenshots, logs, shell history, or host compromise because an attacker can reuse the token for an extended period without needing a password.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly instructs the agent to start backup jobs via an authenticated POST request, but it provides no requirement for user confirmation, scope checks, or safeguards before executing an operational action. In this context, triggering backups can consume storage, CPU, bandwidth, or interfere with ongoing jobs, so an ambiguous or accidental user request could cause unintended changes to the server's backup state.

VirusTotal

65/65 vendors flagged this skill as clean.
