ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Intelligent Backup Automation

备份自动化,自动备份 + 恢复测试。

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 72 · 0 current installs · 0 all-time installs
by@yang1002378395-cmyk
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name and description promise backup automation (which normally requires access to storage endpoints and credentials). However the skill package contains no code and declares no required credentials or config paths. That omission is unexpected for a backup product and suggests the real functionality lives in the external GitHub repo referenced in the README rather than in the skill bundle.
!
Instruction Scope
SKILL.md instructs cloning https://github.com/openclaw-skills/ai-intelligent-backup-automation and running pip install and python app.py. Those instructions tell someone (or the agent) to fetch and execute arbitrary remote code; the skill itself provides no bundled code to inspect. The instructions do not enumerate required secrets or storage targets, so it's unclear what data the server will access, store, or transmit.
!
Install Mechanism
There is no formal install spec in the skill metadata; instead the README advises users to git clone a GitHub repository and run it. Pulling and executing code from an external repo is moderate-to-high risk when the repository contents cannot be audited as part of the skill package. While GitHub is a common host, the repository owner and release provenance are not verified in the skill.
!
Credentials
The skill declares no required environment variables or primary credentials. Real backup automation typically needs credentials (S3, cloud provider, SSH, database credentials). The absence of any declared secrets is disproportionate and unexplained; the external repo may require credentials that are not declared here, which is a transparency issue.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not declare any config paths or system-wide modifications in the package. This dimension does not raise immediate privilege concerns based on the metadata provided.
What to consider before installing
Do not clone/run the external repository without reviewing it first. Because the skill package contains no code, the actual behavior depends on the GitHub project — inspect that repository's code, install scripts, requirements.txt, and app.py for any network calls, credential handling, scheduled tasks, or data exfiltration before running. Ask the author for a packaged release or signed artifact, a clear list of required credentials and scopes, and details on where backups are stored. If you must test, run it in an isolated sandbox or VM with no access to sensitive systems or cloud credentials, and monitor network traffic and file system activity. Refuse installation if the repository is private/unknown, lacks a clear maintainer history, or requires broad credentials you cannot audit.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk974jjwrnwmt6w2cfn90x26dcs834sbx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis

SKILL.md

AI 智能备份自动化系统

描述

备份自动化,自动备份 + 恢复测试。

功能

  • 自动备份(定时备份)
  • 增量备份(增量备份)
  • 备份验证(完整性检查)
  • 恢复测试(恢复演练)
  • 备份报告(备份统计)

定价

  • 基础版:¥99/月(1 TB)
  • 专业版:¥499/月(10 TB)
  • 企业版:¥1999/月(无限量)

适用场景

  • 数据备份
  • 容灾备份
  • 云备份
  • 本地备份

技术栈

  • Python + FastAPI
  • 备份引擎
  • 增量备份
  • 恢复测试

安装

git clone https://github.com/openclaw-skills/ai-intelligent-backup-automation
cd ai-intelligent-backup-automation
pip install -r requirements.txt
python app.py

创建:2026-03-13 作者:OpenClaw Skills Team

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…