The Agent Skills Directory

[DATA_EXFILTRATION] (HIGH): The skill documentation (SKILL.md) explicitly states its purpose is to backup and sync sensitive files such as 'openclaw.json' and 'MEMORY.md'. These files typically contain private user data and conversation histories. Sending this data to external Git repositories (GitHub/GitLab) constitutes a high risk of exfiltration.- [CREDENTIALS_UNSAFE] (HIGH): The file 'openclaw.json' is a known configuration file for agent platforms that often stores cleartext API keys and authentication tokens. Accessing this file is a primary vector for credential theft.- [NO_CODE] (MEDIUM): The provided skill package contains only documentation and metadata files. The actual scripts or binaries responsible for performing the backup and network operations are missing, which may be an attempt to bypass static analysis or indicates a hidden execution mechanism.- [INDIRECT_PROMPT_INJECTION] (HIGH): Because the skill processes 'Memory' and 'Skills' directories (which are influenced by external user input and potentially malicious scripts), there is a high risk of indirect prompt injection where the backup process could be subverted by instructions embedded within the data being backed up.

clawdbot-backup