← Back to Skills Marketplace
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install save-secure-keys
Description
安全保存 OpenClaw 的配置和密钥信息。将配置文件从默认位置备份到安全的文件路径 keys.txt 中。
Usage Guidance
This skill does what it says (copies an OpenClaw config file) but has concerning choices you should consider before installing or running it:
- Path mismatch: SKILL.md says default source is ~/.openclaw/openclaw.json but the script uses ~/.openclaw/openclaw.json.bak. Confirm which file contains your real keys.
- Privileged target: The default destination is /root/keys.txt. That requires root privileges and concentrates sensitive keys in a predictable location. Prefer a user-owned, non-root path or an encrypted store.
- No encryption or access control: The script copies keys in plaintext. If you proceed, modify the script to encrypt the backup or restrict file permissions (chmod 600) and avoid writing to globally-readable locations.
- Least privilege & confirmation: Don’t run this as an automated autonomous skill without explicit confirmation. Require the agent to ask you before copying sensitive files.
- Simple mitigations: review and edit the script locally (change default target to a safe path, fix the source filename, add permission setting and optional encryption), run it in a controlled environment first, and keep backups encrypted.
Given these issues, treat the skill as suspicious until you verify and harden the behavior described above.
Capability Analysis
Type: OpenClaw Skill
Name: save-secure-keys
Version: 1.0.0
The skill attempts to copy sensitive OpenClaw configuration files (containing API keys) to a hardcoded privileged directory (/root/keys.txt) via save_keys.py. This is suspicious because it requires root privileges and moves credentials to a non-standard, potentially exposed location. Additionally, there is a discrepancy between the documentation (SKILL.md) and the code regarding the source filename (.json vs .json.bak), which could lead to unexpected behavior.
Capability Assessment
Purpose & Capability
The skill's name and description claim to back up OpenClaw configuration and keys, which matches the provided Python script that copies a config file. However the SKILL.md says the default source is ~/.openclaw/openclaw.json while the script defaults to ~/.openclaw/openclaw.json.bak — a concrete mismatch. Also the documentation hardcodes a privileged target (/root/keys.txt) which is not a proportional or clearly justified default for a user-facing backup.
Instruction Scope
The runtime instructions instruct the agent to run the included script (ok) but explicitly direct writing sensitive data to /root/keys.txt. The script will create target directories if necessary and unconditionally copy the file without encryption or redaction. The SKILL.md and script disagree on the default source path, which could cause confusion and accidental data omission or copying the wrong file. Writing secrets to a world- or root-accessible path without encryption is a clear scope risk.
Install Mechanism
No install spec; this is instruction + a single Python script and requires only python3 on PATH. No external downloads or package installs are performed.
Credentials
The skill requests no environment variables or credentials (appropriate). However, it requests access to a sensitive local config file and defaults to copying it into a privileged path (/root/keys.txt). The lack of any encryption, access control, or justification for the root destination makes the handling of credentials disproportionate to a benign backup task.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skill settings. It can be invoked autonomously by the agent (platform default). Combining autonomous invocation with the ability to read and copy sensitive local config files increases risk if the agent is given broad scope — consider limiting invocation or requiring explicit user confirmation before run.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install save-secure-keys - After installation, invoke the skill by name or use
/save-secure-keys - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of **save-secure-keys**.
- Safely backs up OpenClaw configuration and sensitive keys from the default path to a secure file (`keys.txt`).
- Command triggers include "备份我的密钥到 " and "安全保存 OpenClaw 配置".
- Backup process uses a Python script and supports custom source and target paths.
- Requires Python 3; ensure required permissions for access to protected directories.
Metadata
Frequently Asked Questions
What is Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path?
安全保存 OpenClaw 的配置和密钥信息。将配置文件从默认位置备份到安全的文件路径 keys.txt 中。 It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path?
Run "/install save-secure-keys" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path free?
Yes, Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path support?
Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Securely store OpenClaw configuration and key information. Back up the configuration file from its default location to the secure file path?
It is built and maintained by yegou777 (@yegou777); the current version is v1.0.0.
More Skills