Back to skill

Security audit

Openclaw Backup Skill

Security checks across malware telemetry and agentic risk

Overview

This skill creates local OpenClaw backup archives and its broad file collection is disclosed and aligned with that purpose, though the backups should be treated as sensitive.

Install only if you want local archives that may contain sensitive workspace context, identity files, OpenClaw configuration, and cron details. Store backups in a private location with restricted permissions, consider encryption, and review exclusions or the output directory before scheduling recurring runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that backups include workspace contents, identity/continuity files, configuration, cron data, and manifests, but it does not prominently warn that these archives may contain highly sensitive operational context or secrets. In a backup skill, this context makes the issue more dangerous because users are encouraged to create recurring archives, increasing the chance of long-lived sensitive data exposure, unintended sharing, or insecure storage.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The spec explicitly states that backups include workspace contents and identity/continuity files such as SOUL.md, USER.md, and AGENTS.md, but it provides no corresponding warning that these files may contain sensitive prompts, operational context, or personal/project data. In a backup skill, this is contextually plausible behavior, but the absence of an explicit sensitivity notice, opt-in control, or exclusion guidance creates a real privacy and confidentiality risk if users back up or share archives without understanding their contents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.