Security Audit

clawdbot-backup

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

clawdbot-backup received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Path Traversal Vulnerability in Backup Restore Script.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Security Findings1

Severity	Finding	Layer	Location
CRITICAL	Path Traversal Vulnerability in Backup Restore Script The `restore_backup` function within the provided `clawdbot-backup.sh` script uses `tar -xzvf "$backup_file" -C "$HOME"` to extract backup archives. This command is vulnerable to directory traversal. If a malicious `.tar.gz` file is provided as `$backup_file` that contains entries with `../` sequences (e.g., `../../../../etc/passwd`), `tar` will extract these files outside the intended `$HOME` directory. This could lead to overwriting critical system files, placing malicious executables in sensitive locations, or other unauthorized file system modifications. The script does not sanitize the contents of the tarball or restrict extraction to a safe subdirectory. To mitigate this vulnerability, implement robust validation of the archive's contents before extraction. Consider these options: 1. Validate Paths: Before extraction, list the contents of the tarball (`tar -tf "$backup_file"`) and check for any paths that start with `/` or contain `../` sequences. Abort if suspicious paths are found. 2. Extract to Isolated Directory: Extract the archive to a temporary, isolated subdirectory (e.g., created with `mktemp -d`) and then carefully move only the expected files from this temporary location to their final destinations after inspection. 3. Use `--one-top-level` (GNU tar): If the archive is expected to contain a single top-level directory, this option can help, but it's not a complete solution for all path traversal cases.	LLM	SKILL.md:184

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/d28f3c6145a60d1b.svg)](https://skillshield.io/report/d28f3c6145a60d1b)