openclaw-backup
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a bash script (scripts/backup.sh) to perform file system operations including directory creation, archiving with tar, and managing backup rotation using ls, tail, and rm.
- [DATA_EXFILTRATION]: The backup process targets sensitive directories such as ~/.openclaw/credentials/ (API keys and tokens) and ~/.openclaw/telegram/ (session data). While these paths contain sensitive information, the data is archived locally and no network transmission or exfiltration patterns were identified.
Audit Metadata