Skill v1.0.0

ClawScan security

泉水复活 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 31, 2026, 11:50 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This skill's code, instructions, and requested resources are internally consistent with a local backup-and-restore tool for AI memory files; it does not request unrelated credentials or perform network exfiltration, but users should verify the configured cloud-sync directory and what files will be backed up.
Guidance
This skill appears to be what it says: a local backup/restore tool for AI memory files. Before installing, verify the following:
1) The configured CLOUD_SYNC_DIR (default is a Windows Administrator desktop path): change it to your intended cloud folder (OneDrive/百度网盘/other) to avoid accidentally syncing sensitive files to the wrong location.
2) Review which files will be backed up (MEMORY.md, USER.md, IDENTITY.md, diary/, etc.) because they may contain personal or identifying data.
3) If you are on a non-Windows OS, edit the paths in the scripts (the defaults assume Windows for the cloud path and Desktop .bat behavior).
4) Run the scripts in a safe environment first (inspect generated snapshots in ~/.qclaw/.memory_backup/snapshots) and confirm that the restore process behaves as expected.
If you need higher assurance, open the scripts and confirm there are no unexpected external network calls or uploads beyond copying into your configured cloud-sync folder.

Review Dimensions

Purpose & Capability
ok
Name/description (memory backup, snapshot, restore, cloud sync) aligns with the included scripts and README. The scripts operate on the declared workspace (~/.qclaw/workspace) and implement latest/snapshot/cloud-sync/restore features described in SKILL.md. One minor note: the default CLOUD_SYNC_DIR is a hard-coded Windows Desktop path (C:\Users\Administrator\Desktop\QC百度同步\...), which is fine on Windows but surprising on non-Windows systems and should be edited to a user-controlled cloud folder.
Instruction Scope
ok
SKILL.md instructs running the included Python scripts and creating desktop .bat shortcuts. The runtime instructions and the scripts operate on files under the skill/workspace (MEMORY.md, USER.md, IDENTITY.md, diary/, memory/). They do not instruct reading unrelated system paths, environment secrets, or contacting remote endpoints. The scripts do copy the restore .bat to the cloud sync folder if present (so check that target).
Install Mechanism
ok
No install spec is present (instruction-only), which is low-risk. The package includes two Python scripts and docs; these will be stored in the skill directory by OpenClaw but there is no third-party download or archive extraction. No external executables or package installs are performed by the skill itself.
Credentials
ok
The skill declares no required environment variables or credentials and the scripts do not attempt to access secrets. The main sensitive action is writing backups (which include USER.md and IDENTITY.md) into a cloud-synced folder if configured — this is expected for a backup tool but the user should confirm the cloud target to avoid accidental exposure.
Persistence & Privilege
ok
The skill does not request always:true and does not modify other skills or system-wide settings. It is user-invocable and can be invoked autonomously by the agent (default behavior), which is typical for skills of this type.