Openclaw Deploy

The skill is classified as suspicious due to the use of `curl -o- ... | bash` in `templates/install-node.sh` for NVM installation, which is a risky pattern for executing remote code and represents a supply chain vulnerability. Additionally, hardcoded paths like `/home/zfanmy/openclaw_data/workspace` in `scripts/start.sh` and specific NVM paths in `scripts/build-portable.sh` and `templates/start-*.sh` introduce vulnerabilities related to environment assumptions and potential permission issues. While the skill's primary purpose is deployment and backup, these practices introduce significant security risks without clear malicious intent.