Security Decision Report

openclaw-backup

Skill claims to include PowerShell backup scripts that do not exist in the package, creating a doc-to-code mismatch. The skill references backing up 'FluxA Wallet' (crypto wallet) and OpenClaw configs without providing actual implementation files.

Install decision first · Source: manual upload · Scan time: 2026/4/5
Files: 3
IOCs: 3
Privilege violations: 0
Findings: 4
Most direct threat evidence
High severity · Documentation deception
Missing implementation scripts

SKILL.md and README.md describe four PowerShell scripts (quick_backup.ps1, full_backup.ps1, restore_backup.ps1, list_backups.ps1) but the scripts/ directory does not exist in the package. Only documentation files are present.

SKILL.md:117

Why this conclusion was reached

1 of 4 dimensions triggered
Pass
Declared vs. actual capabilities

Declared resources and inferred capabilities are broadly consistent.

Review
Hidden execution and outbound connections

3 general-risk artifacts extracted; they need to be judged in context.

Block
Attack chains and high-severity findings

The report contains a 0-step attack chain, plus 1 high or critical finding.

Review
Dependencies and supply-chain hygiene

No complete dependency information is available; the supply-chain judgment should remain provisional.

How the risk score was raised

Missing implementation files +25

SKILL.md and README.md describe 4 PowerShell scripts but no scripts/ directory exists

FluxA Wallet access unverified +20

Skill claims to back up 'FluxA Wallet' configuration (a crypto wallet) without explaining how or where this data is stored

No allowed-tools declaration +10

SKILL.md does not declare allowed-tools mapping, making capability inference impossible

External URLs present +5

References to clawhub.com external URLs found in documentation

Schedule persistence mechanism undeclared +5

Documentation mentions 'autoBackupSchedule' cron but implementation not provided

Key evidence

High severity · Documentation deception

Missing implementation scripts

SKILL.md and README.md describe four PowerShell scripts (quick_backup.ps1, full_backup.ps1, restore_backup.ps1, list_backups.ps1) but the scripts/ directory does not exist in the package. Only documentation files are present.

SKILL.md:117
Request developer to include actual implementation scripts before use
Medium severity · Sensitive access

FluxA Wallet backup without explanation

The skill claims to back up 'FluxA Wallet' configuration. FluxA appears to be a cryptocurrency wallet. The documentation does not explain what data is being backed up, where FluxA stores its data, or how this data is handled.

SKILL.md:25
Clarify what FluxA data is accessed and ensure no private keys or seed phrases are exposed
Medium severity · Documentation deception

Auto-backup schedule mechanism undeclared

SKILL.md mentions 'autoBackupSchedule' cron configuration and Windows Task Scheduler integration but no actual implementation of scheduled task creation is provided.

SKILL.md:69
Clarify how scheduled backups are implemented without providing persistence mechanisms
Low severity · Privilege escalation

No allowed-tools declaration

SKILL.md does not include the allowed-tools mapping section that defines what tools the skill can use and at what permission levels.

SKILL.md:1
Add allowed-tools declaration to clearly state filesystem/shell access requirements

Declared capabilities vs. actual capabilities

Capability        | Status | Declared   | Inferred | Note
Filesystem        | Pass   | READ,WRITE | UNKNOWN  | SKILL.md describes backup/restore but no scripts exist to verify
Command execution | Pass   | WRITE      | UNKNOWN  | PowerShell scripts referenced but not present
Network access    | Pass   | NONE       | NONE     | No network calls described in docs
Credential        | Pass   | NONE       | UNKNOWN  | FluxA Wallet backup implies credential/access to crypto wallet data

Suspicious artifacts and outbound connections

Medium severity · External URL
https://clawhub.com/skills/openclaw-backup

README.md:11

Medium severity · External URL
https://clawhub.com/discuss

README.md:294

Info · Email address
[email protected]

README.md:295

Dependencies and supply chain

No structured dependency alerts.

File composition

3 files · 593 lines
Markdown: 2 files · 580 lines
JSON: 1 file · 13 lines
Files of concern · 2
README.md  Markdown · 301 lines
https://clawhub.com/skills/openclaw-backup · https://clawhub.com/discuss · [email protected]
SKILL.md  Markdown · 279 lines
Missing implementation scripts · FluxA Wallet backup without explanation · Auto-backup schedule mechanism undeclared · No allowed-tools declaration
Other files · _meta.json

Security highlights

No base64-encoded content or obfuscation observed
No credential exfiltration or external IP communications described
No reverse shell or C2 infrastructure references
Documentation is comprehensive and clear about intended behavior
MIT license is included