Security scan
OpenClaw
Suspicious
Medium confidence. The skill largely matches a GitHub backup purpose, but there are important mismatches and security risks (token handling, hidden backups of potentially sensitive files, and an unimplemented 'create repo' claim) that you should understand before installing.
Assessment recommendations
Before installing or running this skill, consider the following:
- Token handling: the workflow requires a personal access token (repo scope). Do not paste long-lived tokens into UI/chat unless you trust the agent. The provided script embeds the token in the Git remote URL, which will store it in .git/config in plaintext. Prefer alternatives: use a short-lived token, a deployment key, GitHub Actions with secrets, or a credential helper rather than embedding the token in the remote URL.
- Repos...
Detailed analysis
⚠ Purpose and capability
The description claims the skill will 'create the repository' and fully automate setup, but neither SKILL.md nor scripts perform repository creation via the GitHub API or gh/HTTP calls. The script simply expects a GitHub username, repo name and token and pushes — so a pre-existing repo (or manual creation) is actually required. Also the SKILL.md and script reference both /root/.openclaw/workspace and ~/.openclaw/workspace inconsistently.
⚠ Instruction scope
The runtime instructions ask the user to paste a repo-scoped GitHub token into the agent and then run git operations that will add and push files including skills/ and memory/. 'memory/' may contain sensitive secrets. The script embeds the token into the remote URL (git remote set-url https://x-access-token:TOKEN@github.com/...), which writes the token into the repository's .git/config in plaintext. The SKILL.md instructs scheduling via openclaw cron and running commands under /root, which implies root workspace access.
✓ Install mechanism
This is an instruction-only skill with a small shell script included; there is no install spec or remote download. That minimizes install-time risk.
⚠ Credential requirements
Requesting a GitHub token with repo scope is proportionate for pushing backups, but the agent asks the user to paste that token (sensitive) and the provided implementation stores it in git config (exfiltration risk if the workspace is shared). The skill does not declare required env vars explicitly, and there is no guidance to limit the token's scope or lifetime.
✓ Persistence and privileges
always:false and no install hook means the skill does not demand permanent/force-included privileges. It uses openclaw cron (normal for scheduled tasks) but does not modify other skills or global configs beyond the repository remote in the workspace.
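Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/15
GitHub repository backup skill - supports two modes: a manual interactive configuration wizard and automatic scheduled backup
● Benign
Install command
Official: npx clawhub@latest install alfred-github-backup
Mirror: npx clawhub@latest install alfred-github-backup --registry https://cn.longxiaskill.com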