Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pilot Backup
v1.0.0Automated backup of agent state to trusted peers with encryption and versioning. Use this skill when: 1. You need to backup agent configuration and state fil...
⭐ 0· 16·0 current·0 all-time
byCalin Teodor@teoslayer
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to back up agent state to trusted peers using the pilot protocol. It only declares pilotctl as a required binary, which is appropriate for sending files via the protocol, but the instructions also rely on tar/gzip, jq, cp, rm and filesystem layout ($HOME/.pilot) which are not declared in the registry metadata. Overall capability matches purpose, but the manifest is incomplete about dependencies.
Instruction Scope
Instructions explicitly archive and transmit $HOME/.pilot/*.json to remote peer IDs via pilotctl and restore by extracting into $HOME/.pilot. That is within a backup scope, but the SKILL.md claims encryption and versioning while showing no explicit encryption (e.g., gpg or passphrase-based encrypt) or key-management steps. The skill also does not require or document verification of the destination peer identity — sending full agent state (likely including keys) to a remote peer without explicit, demonstrated encryption or verification is a potential data-exposure risk.
Install Mechanism
Instruction-only skill with no install spec: low surface area. Nothing is written to disk by an installer and there are no remote download URLs in the manifest.
Credentials
No environment variables or credentials are requested in the registry metadata, which matches the examples. However, the workflow archives and sends potentially sensitive agent state files (likely containing keys/tokens). That sensitivity is expected for a backup skill, but users must ensure destination peers are trusted and that transport/encryption guarantees exist (the SKILL.md does not make those guarantees explicit).
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or global agent configs per the provided instructions.
What to consider before installing
This skill appears to do what it says — archive and send your agent state to a peer — but there are notable gaps you should address before using it with real data: (1) The README claims encrypted backups but the example commands do not perform encryption; confirm whether pilotctl provides end-to-end encryption or add explicit encryption (e.g., gpg symmetric/asymmetric) before sending. (2) The manifest omits utilities used in the examples (tar/gzip, jq); ensure those binaries exist and behave as expected. (3) Be cautious: the commands archive $HOME/.pilot which may include private keys or tokens; only send to peers you trust and consider excluding private-key files or encrypting the archive and verifying destination identity. (4) The restore commands extract directly into $HOME/.pilot — test restores in a safe environment and consider creating backups of the target dir before overwriting. If you want higher assurance, ask the author to (a) document where confidentiality and integrity are provided (pilotctl/protocol specifics), (b) add explicit encryption steps and verification of peer identity, and (c) update the skill metadata to declare all required binaries.Like a lobster shell, security has layers — review code before you run it.
latestvk977f12h7zcyys54qvvngzvnf184emtb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binspilotctl