ClawHub

OpenClaw配置管理Skill

Security checks across malware telemetry and agentic risk

Overview

This is a powerful configuration backup and restore skill that fits its stated purpose, but it needs review because it can copy private configuration to Git and overwrite live environments without clear safeguards.

Install only if you trust the publisher and are prepared to review the external repository before using the manual npm path. Use a private backup repository, least-privilege Git token or deploy key, explicit secret exclusions, and encryption you have verified. Keep scheduled auto-push disabled until you have inspected what will be backed up, and require manual approval plus a fresh backup before restore, force-push, sudo, migration, collaborator, or restart operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation presents restore operations that can overwrite configuration state, including restoring from Git, files, and specific commits, but does not warn about destructive effects, rollback requirements, or the need for confirmation before applying changes. In a configuration-management skill, this can lead to accidental system misconfiguration, outage, or loss of current settings if an operator follows the documented commands without safeguards.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill advertises scheduled backup and Git auto-push workflows without clearly warning that configuration data may be transmitted to or stored in remote repositories. Because configuration often contains sensitive operational details or secrets, users may unintentionally exfiltrate confidential data to third-party systems or broadly accessible repositories.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation instructs users to place Git tokens, SSH key paths, and encryption keys into environment variables but does not include credential-handling cautions. This increases the risk of secret leakage through shell history, process inspection, logs, CI environments, screenshots, or accidental export into child processes and backups.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal