openclaw-backup
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script (
scripts/backup.sh) and instructions that use system commands such astar,mkdir,mv, andrmto manage file archives and directory rotation. These operations are restricted to the local filesystem for backup management. - [CREDENTIALS_UNSAFE]: The skill is designed to back up sensitive configuration files, including
~/.openclaw/credentials/andopenclaw.json, which may contain API keys or tokens. However, this is the intended functionality of a backup tool, and the data is stored in a local directory (~/openclaw-backups/) with no network exfiltration detected.
Audit Metadata