workspace-backup-github
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent GitHub backup skill, but it asks for a very powerful GitHub token and may upload sensitive workspace memory/configuration while giving stronger privacy assurances than the artifacts support.
Only use this if you are comfortable uploading your agent workspace to GitHub. Prefer a fine-grained token limited to one private backup repository, audit the files and git diff before the first push, add explicit exclusions for secrets, verify the cron schedule, and revoke the token if you stop using the skill.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If this token is exposed or misused, it can grant access to private repositories beyond the intended backup repo.
This asks the user to give the agent a broad classic GitHub token for a workflow that only needs access to one backup repository.
4. Check the `repo` permission (full control of private repositories) ... 6. Copy and paste the Token here
Use a fine-grained GitHub token limited to the single backup repository and only the permissions needed for contents read/write; revoke and rotate the token when no longer needed.
Users may upload secrets or private personal/agent data to GitHub while believing the backup is guaranteed credential-free.
The reassurance is too absolute: the provided script stages workspace files and directories directly, and the artifacts do not show secret scanning or an enforced exclusion file.
- Sensitive data (API keys, passwords) are NOT backed up - Backup archive contains no credentials
Treat the backup as potentially sensitive, review the staged diff before pushing, add explicit exclusions, and consider adding secret scanning before each backup.
Anyone with access to the backup repository or token may be able to read private user details, agent memory, and configuration history.
The backup includes persistent agent memory and user/configuration files, which is expected for a workspace backup but can contain sensitive context.
`memory/` | Daily memory files ... `USER.md` | User information ... `IDENTITY.md` | AI identity info ... `TOOLS.md` | Local tools config
Keep the repository private, audit memory and config files before first backup, and exclude files that should not leave the local workspace.
Workspace changes can continue being committed and pushed on a schedule without a fresh prompt each time.
The skill can create a recurring agent-triggered backup job. It is disclosed and tied to the backup purpose, but it persists beyond the initial setup.
`Auto` | After setup | Scheduled via OpenClaw Cron ... openclaw cron add --name "workspace-backup" --cron "0 3 * * *" --message "Execute workspace backup" --agent main
After setup, verify the cron entry, confirm the schedule is desired, and remove or pause it when automatic backups are no longer wanted.
