Skills
skills/blessonism/openclaw-skills/gitclaw-backup/Gen Agent Trust Hub

gitclaw-backup

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • DATA_EXFILTRATION (MEDIUM): The skill is designed to perform a full backup of the /home/node/.openclaw/ directory to an external, untrusted GitHub repository (github.com/blessonism/openclaw-backup.git). This constitutes a significant data exfiltration vector if the repository is public or controlled by a malicious actor.
  • COMMAND_EXECUTION (MEDIUM): The skill executes a local shell script located at /home/node/.openclaw/gitclaw/auto_backup.sh and multiple git commands. Executing scripts from within writable workspace directories is risky as the script content can be tampered with by other processes or skills.
  • CREDENTIALS_UNSAFE (LOW): The documentation references sensitive files such as ~/.git-credentials and provides specific commands (git credential fill) to interact with the system's credential store, increasing the surface area for potential credential theft.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:47 PM