myclaw-backup

The skill largely aligns with its stated backup/restore purpose and provides a comprehensive workflow for OpenClaw data protection, including a local HTTP management interface and migration capabilities. However, the footprint introduces substantial credential exposure risk and potential data exfiltration pathways through tar archives and HTTP endpoints. Given the sensitive data handled and the remote/migration use cases, the implementation is considered SUSPICIOUS-to-MEDIUM risk: coherent with purpose but performance of remote/download paths and the HTTP surface increases attack surface unless TLS, strict access controls, and strict dry-run safeguards are enforced. Overall, treat as SUSPICIOUS until rigorous access-control, TLS enforcement, and explicit data-handling safeguards are verified in a real deployment.