backup
Warn
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses highly sensitive configuration files, specifically `~/.claude/settings.json` and `~/.claude/mcp/servers.json`. These files frequently contain plaintext API keys, access tokens, and other authentication credentials. The skill's documentation and scripts encourage users to synchronize these backups to external destinations like GitHub repositories or cloud storage, which poses a significant risk of credential exposure if those destinations are not kept private.
- [COMMAND_EXECUTION]: The skill establishes persistence on the host system to enable automated backups. It provides instructions and templates for creating `crontab` entries, `systemd` user services/timers, and macOS `launchd` agents. These mechanisms allow the skill's logic to execute periodically in the background without user interaction.
- [COMMAND_EXECUTION]: The skill relies on extensive shell command execution for its core functionality, including `tar` for archiving, `rsync` for synchronization, and `git` for version control. It provides scripts that perform recursive directory operations and file deletions (`rm -v`) for backup rotation.
- [COMMAND_EXECUTION]: The restoration process utilizes `tar -xzvf` to extract archives directly into the user's home directory. This process is designed to overwrite existing system configurations and lacks internal validation or sandboxing to prevent potential path traversal or accidental file corruption if a malformed archive is processed.