beaver-claw-backup
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to perform data management tasks by executing shell commands. This includes initializing rules, creating backups, and restoring archives to specific directories using the @beaverslab/claw-backup CLI tool.
- [EXTERNAL_DOWNLOADS]: The skill utilizes bunx and npx to download and run the @beaverslab/claw-backup utility from the public npm registry. This tool is developed by the skill author and serves as the core engine for the backup operations.
- [PROMPT_INJECTION]: The instructions involve interpolating user-provided values such as rule names and file paths into shell commands, which creates a potential surface for indirect prompt injection if user input is not handled securely.
- Ingestion points: User-defined parameters for name, preset, path, and target-dir within the shell command templates in SKILL.md.
- Boundary markers: None; the skill does not define specific delimiters to separate user input from command structure.
- Capability inventory: The skill has the ability to execute shell commands with file system read/write access and network access via package runners.
- Sanitization: Not present; there are no instructions provided to validate or sanitize user input before it is used in command construction.
Audit Metadata