Backups - where Cryptomator is the Source (not Target)

We have a number of cloud accessible Cryptomator vaults (30+) each with its own pass code.
I want to automate backing up unencrypted vault contents.

This means writing a PowerShell script that can:
a) unlock a vault using its password
b) back up the contents at the Cryptomator mount point
c) lock the vault
d) repeat for the next vault

Backing up the encrypted vaults is easy, but won’t notify you if the vault contents are corrupted… (There is no guarantee the unencrypted content can be restored.)

I notice there is an experimental command-line tool (GitHub - cryptomator/cli: Cryptomator Command-Line Interface).

  1. Has anyone had experience using PowerShell to unlock a vault dynamically then locking it again?
  2. Did you use the CLI tool or are there other methods to dynamically unlock a vault?