Backup & Restore

Type: OpenClaw Skill Name: backup-and-restore Version: 1.3.0 The OpenClaw backup skill is designed for a high-privilege task (full system backup and restore, including credentials and cloud uploads), which inherently carries significant risk. While the skill demonstrates strong security awareness through features like mandatory encryption for full backups, a `safe_load_creds` function to prevent credential file injection, and clear, security-conscious instructions for the AI agent in `SKILL.md` and `references/setup-guide.md`, it still presents a theoretical, low-risk shell injection vulnerability. This arises from passing user-controlled strings (e.g., backup file paths/URLs in `scripts/restore.sh` or cloud configuration values from `config.json` in `scripts/upload.sh` and `scripts/test-backup.sh`) directly to external commands (`aws`, `gsutil`, `b2`, `rclone`, `rsync`) without explicit, universal sanitization within the scripts. Although these external CLIs are generally robust and the shell's argument parsing often mitigates simple injection attempts, the sheer number of external tools and the lack of explicit script-level sanitization for all user-controlled inputs constitute a vulnerability, classifying the skill as 'suspicious' rather than 'benign' due to the potential for exploitation, despite no evidence of malicious intent.