Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Daily Backup
v1.0.1. Daily Git backup: commits all changes in the workspace and records a change summary. Triggered by a cron scheduled task or by manual invocation.
by @axelhu
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The description promises a 'daily Git backup' that commits workspace changes and posts reports to Feishu. However, the skill does not declare the binaries it requires (git), any environment variables or credentials for Feishu, or the scripts it expects to run. Performing commit operations and remote messaging without declaring the need for git and Feishu credentials is inconsistent with the stated purpose.
Instruction Scope
SKILL.md directs the agent to run scripts/auto-backup.sh (not included) and to '提交工作区所有变更' (commit the entire workspace). Running a non-included shell script could execute arbitrary commands and the commit-all behavior risks staging secrets. The instructions also require sending reports to Feishu and strictly mandate retry/never-silent-fail behavior, but do not specify how to authenticate or which API/hook to use.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes direct disk writes from the skill itself. The remaining risk comes from the external shell script it intends to run (which is not bundled).
Credentials
The skill expects to post messages to Feishu and operate Git but declares no required environment variables or credentials (Feishu tokens/webhook, git credentials, remote repo auth). Absence of declared secrets is a mismatch: posting to an external chat and pushing to remote repos generally require credentials and those should be made explicit and limited.
Persistence & Privilege
The manifest's always flag is false and the skill has no install-time persistence. It will run only when invoked (or by autonomous model invocation, which is the platform default). There is no evidence that it modifies other skills or global agent settings.
What to consider before installing
Do not install or enable this skill until the missing pieces are clarified and reviewed. Specifically:
- Ask the author to provide scripts/auto-backup.sh and any other referenced scripts; review their contents line-by-line before execution. The script could run arbitrary shell commands.
- Require the skill manifest to declare required binaries (e.g., git) and any environment variables it needs (Feishu webhook or token, git remote credentials). Do not supply high-privilege or broadly-scoped credentials without justification.
- Confirm whether the backup will push to a remote repository and, if so, where (remote URL) and how authentication is handled. Avoid giving long-lived credentials; prefer a dedicated deploy key or webhook with least privilege.
- Because the instructions commit 'all workspace changes', audit the repository for secrets and consider running in an isolated environment or CI runner with limited access.
- Prefer Feishu webhooks (read-only inbound) over embedding tokens; insist the skill declare exactly how it will authenticate and which Feishu endpoint it will use.
- If you must test, do so in a throwaway repository/VM with no sensitive data and with network access restricted. If the author cannot provide the missing script or clear credential requirements, treat the skill as unsafe.
