openclaw-backup

Fail

Audited by Socket on Mar 18, 2026

1 alert found:

Malware: HIGH
SKILL.md

SUSPICIOUS. The skill’s core behavior matches its backup purpose, and installs come from normal package sources, so this is not confirmed malware. However, it sends sensitive agent-state files to a third-party backup service, stores decryption passwords in plaintext locally, and even suggests version-control storage of that recovery file. Overall this is a coherent but high-sensitivity backup skill with meaningful confidentiality risk.

Confidence: 86%
Severity: 68%

Audit Metadata

Analyzed At: Mar 18, 2026, 04:49 PM
Package URL: pkg:socket/skills-sh/theagentservice%2Fskills%2Fopenclaw-backup%2F@05c95261a973b3b2f88d60560eedb93bce04946c