ClawHub
Back to skill
v1.0.4

绿联NAS OpenClaw备份

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:34 AM.

Analysis

This instruction-only backup skill is coherent and purpose-aligned, but its backups and restores include all OpenClaw configuration, data, workspace, and skills, so users should handle archives carefully.

GuidanceUse this skill only when you intend to back up or restore this OpenClaw deployment. Choose a safe backup directory, keep archives private, verify that a backup is trusted before restoring it, and create a current backup before overwriting existing configuration.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusNote
SKILL.md
用户确认后执行恢复 / Execute restore after user confirmation ... 警告:恢复会覆盖现有配置 ... cd /root
tar -xzf "$BACKUP_DIR/openclaw-backup-20260317-143022.tar.gz"

The restore process uses tar extraction under /root and explicitly overwrites existing OpenClaw configuration. This is disclosed and purpose-aligned, but it is a high-impact local state change.

User impactRestoring the wrong or untrusted backup could replace the current OpenClaw configuration and skills.
RecommendationRestore only from trusted backup files, confirm the target path before proceeding, and make a fresh backup of the current state before overwriting it.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityMediumConfidenceHighStatusNote
SKILL.md
- `~/.openclaw/` — 所有配置和数据 / All config and data
- `~/.openclaw/workspace/` — 工作空间和 Skills / Workspace and skills
- `~/.openclaw/openclaw.json` — 主配置文件 / Main config file

The backup includes persistent OpenClaw state, workspace content, and skills, which may contain private data or behavior-shaping artifacts that persist across future use.

User impactBackup archives may expose private OpenClaw data if shared or stored insecurely, and restoring a tampered archive could affect future agent behavior.
RecommendationStore backup archives securely, limit who can modify them, and inspect or verify archives before restoring.