Scan Report
0 /100
openclaw-recovery-drill
Test OpenClaw recovery readiness, rehearse backup/restore, run disaster-recovery drills
The skill is a legitimate OpenClaw disaster-recovery readiness checker that safely audits workspace and backup state without any malicious behavior.
Safe to install
No action required. This skill performs read-only filesystem checks to verify backup readiness.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | READ | ✓ Aligned | scripts/recovery-drill.mjs:32 - fs.existsSync() for backup/workspace checks only |
| Network | NONE | NONE | — | No network imports or calls in codebase |
| Shell | NONE | NONE | — | No shell execution; only uses node child_process.execFileSync in tests (not runt… |
| Environment | NONE | NONE | — | os.homedir() used for path resolution only, no env iteration |
File Tree
6 files · 13.0 KB · 360 lines JavaScript 2f · 173L
Markdown 3f · 152L
JSON 1f · 35L
├─
▾
references
│ └─
drill-checklist.md
Markdown
├─
▾
scripts
│ └─
recovery-drill.mjs
JavaScript
├─
▾
tests
│ └─
test.mjs
JavaScript
├─
package.json
JSON
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ No network requests or external communications
✓ No shell execution during runtime (only in tests for self-validation)
✓ No credential harvesting or sensitive file access (~/.ssh, ~/.aws, .env)
✓ No obfuscation, base64, or eval patterns
✓ No data exfiltration or C2 communication
✓ Read-only filesystem operations limited to backup/workspace existence checks
✓ Documentation accurately describes script behavior
✓ No supply chain risks; only uses Node.js built-in modules (fs, os, path)
✓ MIT license, OpenClaw Community author