Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Backup Optimized
v1.0.1Optimized OpenClaw backup skill for creating full snapshots with workspace archive splitting, change summaries, restore instructions, and Discord notifications. Use when you need to set up or run automated backups, configure backup cron jobs, or document/restore OpenClaw state. Triggers on backup automation, backup scripts, snapshot/restore, or GitHub backup repos.
⭐ 4· 2.6k·12 current·13 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the code and docs: scripts/backup.js implements full snapshots of ~/.openclaw, workspace tar+split, SHA256, retention, notifications, and optional pushing to a git repo. The declared registry metadata lists no required env vars but the SKILL.md and script clearly document several environment variables the script honors (OPENCLAW_HOME, OPENCLAW_BACKUP_DIR, BACKUP_REPO_URL, BACKUP_CHANNEL_ID, BACKUP_TZ, BACKUP_MAX_HISTORY) — this mismatch is minor and likely documentation/metadata oversight.
Instruction Scope
SKILL.md instructs copying the script into ~/.openclaw/workspace/tools, running it with node, and adding an openclaw cron entry. The runtime instructions and the script operate only on the OpenClaw home/backup paths and use 'openclaw message send' for notifications. They do not try to read unrelated system files. Important behavior: if BACKUP_REPO_URL is set the script will add a git remote and force-push the backup repo, which will transmit backup contents to that remote.
Install Mechanism
There is no remote install or download; the skill is instruction-plus-local-script. package.json lists small, standard dependencies (minimatch, tar). No network downloads or extract-from-URL install steps are present in the manifest.
Credentials
The registry lists no required env vars, but both SKILL.md and the script rely on multiple environment variables. The script will send data externally only if configured (BACKUP_REPO_URL for git push and BACKUP_CHANNEL_ID for gateway notifications). That behavior is expected for a backup tool, but it has real exfiltration potential: setting BACKUP_REPO_URL to an external/unknown repository will upload your OpenClaw data (which may contain secrets). The skill itself does not request API tokens, but git pushes may use whatever system git credentials are available.
Persistence & Privilege
always:false (not force-included). The skill does ask the operator to place a script in the user's OpenClaw tools directory and to create a cron job via the OpenClaw cron command (which schedules jobs in the gateway environment). This is normal for a scheduled backup workflow and it does not modify other skills or global agent settings.
Assessment
This skill is what it claims to be: a backup script for your OpenClaw home. Before installing or scheduling it, review the script (scripts/backup.js) yourself and confirm you are comfortable with what will be copied. Pay special attention to BACKUP_REPO_URL: if you set it, the script will git push (force) the backup contents to that remote — only use a trusted, private repository. Also verify BACKUP_CHANNEL_ID because notifications go through the OpenClaw gateway (openclaw message send). Run the script manually once, inspect the generated backup directory (~/.openclaw-backup by default) and backup-report.json, and ensure any git credentials and remote settings are intentional before enabling the cron entry.Like a lobster shell, security has layers — review code before you run it.
backupvk9763n3zypdmjjcaz6gaha7h5n80d9adlatestvk975am6r5j0e4n2cvfchykfnt180dkn4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.