Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Backup and Rollback System

v1.1.0

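Automatically backs up and rolls back the OpenClaw configuration: a backup runs every 15 minutes, manual backups and restoring a selected version are supported, and the most recent 96 backups are retained.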

by acrdik @wuyuyang2
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (automatic backups every 15 minutes, manual backup/restore) aligns with the included scripts: they tar.gz ~/.openclaw, keep recent backups, and stop/start services for restore. However, backup_openclaw.sh hardcodes /home/acrdik rather than using ~ or Path.home(), which makes the script user-specific and inconsistent with the SKILL.md and other Python scripts. The plugin metadata (openclaw.plugin.json) also references a cron script (scripts/backup_cron.py) that is not present.
Instruction Scope
Runtime instructions and scripts perform expected actions (tar, exclude patterns, create pre-rollback backup, stop/start services). Concerns: (1) rollback.py's diff function checks a specific filename 'memory/2026-04-03.md' — a hard-coded date/file that is likely incorrect or leftover, (2) plugin.json declares a cron hook file that doesn't exist, (3) backup_openclaw.sh uses absolute /home/acrdik paths which may write or fail on other systems, (4) scripts will archive user files under ~/.openclaw (which could contain secrets or tokens) and will overwrite files on restore — this is expected for a restore tool but warrants caution and testing. There are no network endpoints or credential exfiltration in the code.
Install Mechanism
No install spec — instruction-only plus shipped scripts. That lowers install-time risk (nothing downloaded from third-party URLs). The code will be written to disk when the user installs the skill (normal for packaged skills).
Credentials
The skill declares no required environment variables or credentials, and the scripts do not perform network calls or ask for secrets. This is proportionate. However, the hard-coded absolute path (/home/acrdik) is user-specific and may cause the script to operate on the wrong account or fail; review and replace with a portable HOME-based path before use.
Persistence & Privilege
always is false (good). The scripts stop/start user services via 'systemctl --user' which requires the user to have those systemd user services — stopping services is expected for a restore but is a privileged operation relative to service availability. Autonomous invocation (disable-model-invocation: false) is allowed by default; combined with the other inconsistencies this increases the need to review and test the skill before granting it runtime autonomy.
What to consider before installing
Before installing, check the following:
1) The plugin metadata references scripts/backup_cron.py but that file is missing — ask the author or fix the hook to point to an existing script.
2) Replace the hard-coded path (/home/acrdik) in scripts/backup_openclaw.sh with a portable HOME/Path.home() usage so backups go to the correct user's ~/.openclaw.
3) Investigate the hard-coded config name 'memory/2026-04-03.md' in rollback.py (likely leftover) and adjust the diff list to the files you actually care about.
4) Test the backup and restore process on a non-production instance to confirm exclusions, retention (96 backups), and that restores do what you expect.
5) Verify the set of systemd user services stopped/started by the scripts exist on your system and that you are comfortable granting the skill the ability to stop/start them.
6) Inspect backup contents to ensure no sensitive secrets are being archived unintentionally.
7) Because the source/homepage is unknown, prefer to only install after the above fixes or obtain a vetted copy from a trusted source.
If you cannot validate or fix these issues, do not enable autonomous invocation in a production agent.

Like a lobster shell, security has layers — review code before you run it.

