ClawHub

quark-backup

Security checks across malware telemetry and agentic risk

Overview

This backup skill appears purpose-aligned, but it can upload broad OpenClaw data to Quark cloud and relies on a stored session cookie without enough scoping or warning.

Install only if you intentionally want your .openclaw data backed up to Quark cloud. Before use, confirm exactly what paths are included, exclude secrets and session files where possible, protect the env file containing the Quark Cookie, and avoid broad or automatic triggers unless each upload requires explicit confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger conditions are broad terms like “备份” and “自动备份”, which can plausibly appear in ordinary conversation and cause the skill to activate unexpectedly. In this skill’s context, activation can lead to packaging and uploading `.openclaw` data to a remote cloud service, so accidental invocation creates a meaningful confidentiality and privacy risk.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill describes backing up the `.openclaw` directory to Quark cloud storage but does not prominently warn that this may include sensitive local data such as workspace contents, memory, sessions, and configuration. Because the workflow explicitly uploads data off-host to a third-party service, lack of informed consent and data-sensitivity disclosure materially increases the risk of unintended data exfiltration.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation tells users to copy a full authenticated Quark Cookie into a local environment file, which is effectively a bearer credential that can grant account access if exposed. In the context of an automated backup skill, this is more dangerous because the credential is tied to unattended upload operations and may be stored long-term on disk, increasing the chance of leakage through backups, logs, misconfigured permissions, or compromise of the host.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal