ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw User Data Pack

v1.0.5

Agent instructions: pack/apply OpenClaw user data via scripts; overwrite-by-path only. You dry-run first, read EXPORT_MANIFEST.txt, gate optional layers, res...

0· 140·1 current·1 all-time
by@zhaobudaoyuema
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual files and behavior: pack_openclaw.py builds a zip with EXPORT_MANIFEST.txt and apply_openclaw.py extracts files into workspace and ~/.openclaw paths. Required capabilities are proportional — no unrelated credentials, binaries, or config paths are demanded.
Instruction Scope
SKILL.md gives precise runtime instructions (dry-run first, read EXPORT_MANIFEST.txt, gate optional layers, require explicit consent for sessions/config/managed-skills). The instructions only reference files the tool legitimately needs (workspace, openclaw.json, zip manifest). They explicitly forbid writing credentials/credential dirs and emphasize backups and user confirmation for sensitive layers.
Install Mechanism
There is no registry install spec (instruction-only install), but SKILL.md tells the agent to run `pip install -r requirements.txt` as needed. The requirements are minimal (json5). This is expected but means the agent will fetch a PyPI package if it runs that step — moderate risk compared with an all-local instruction-only skill; however the included Python scripts are present in the package and do not download arbitrary code themselves.
Credentials
The skill requests no secret env vars and only uses OPENCLAW_HOME / optional OPENCLAW_PROFILE for normal path resolution. It warns that openclaw.json may contain tokens/secrets and requires explicit opt-in to include/restore that config. The scripts intentionally avoid ~/.openclaw/credentials and perform path-safety checks.
Persistence & Privilege
Skill is not always-enabled and is user-invocable. It does not modify other skills or system-wide config beyond writing into the user's OpenClaw directories when invoked. Autonomous invocation is allowed by platform default but not combined with other concerning privileges here.
Assessment
This skill appears to do what it says: create/export a zip with EXPORT_MANIFEST.txt and extract it back into OpenClaw dirs. Before using it: always run the scripts with --dry-run first and inspect EXPORT_MANIFEST.txt inside the produced zip; back up the target OpenClaw home/workspace (only openclaw.json gets an automatic .bak timestamped file when restored); do not enable sessions or config snapshot flags unless you understand they may include full chat transcripts or tokens; only apply zips from trusted sources. Note that following SKILL.md will require running `pip install -r requirements.txt` which fetches json5 from PyPI — if you or your agent run that, understand it performs a network package install. If you want extra safety, inspect the provided Python scripts locally before running them and run pack/apply on a throwaway copy first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bssp9bn748jbc0f7ys2ty49838h6z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments