clawdbot-backup
Audited by Socket on Feb 22, 2026
1 alert found:
Malware
[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777)

All findings:
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3]

This skill is a straightforward backup/sync collection of scripts and documentation for backing up ClawdBot configuration. There is no evidence of intentionally malicious code (no obfuscated payloads, no remote download-and-execute, no embedded exfiltration endpoints). The main security concern is user-driven: the scripts and examples facilitate archiving and pushing potentially sensitive configuration files (including machine-specific settings) to remote git repositories, rsync targets, or cloud folders with minimal safeguards (no encryption, limited exclusion rules, automatic pushes in cron). Automated auto-commit and scheduled backups increase the chance of silent credential leakage if the user includes secrets in their ~/.claude tree or misconfigures remotes. Overall the code is coherent with its purpose but carries a moderate operational risk unless users audit what is included in backups and secure/limit remote destinations.

LLM verification: The integrated backup/restore/sync capability appears benign and aligned with its stated purpose, with elevated risk primarily around data exposure from backups and automated transfers, as well as potential overwrites during restoration. The documentation-centric nature and multiple transfer methods warrant careful configuration (encryption, access controls, and explicit prompts for destructive actions). No evidence of hidden malware or credential harvesting is present in the analyzed fragments.