ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

sys-updater

v1.1.0

System package maintenance for Ubuntu (apt), npm, brew, and OpenClaw skills. Conservative workflow with 2-day quarantine for non-security updates, automatic...

0· 1.4k·4 current·4 all-time
by@spiceman161
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The project is plausibly a system updater for apt/npm/brew and OpenClaw skills — that capability explains most included code (apt_maint.py, pkg_maint.py, auto_review.py) and the documentation. However registry metadata (no required binaries / no required env vars) does not match SKILL.md which declares required binaries (apt-get, npm, brew, clawhub) and environment variables (SYS_UPDATER_BASE_DIR, SYS_UPDATER_STATE_DIR, SYS_UPDATER_LOG_DIR). The claimed behavior (auto-review, skill updates via ClawHub, Telegram reports) is consistent with the code, but the metadata omission is an incoherence that makes automated permission checks unreliable.
!
Instruction Scope
Runtime instructions and code perform system-level actions: run sudo apt-get update, run unattended-upgrade (applies security updates), simulate upgrades, parse /var/log/apt/history.log, and call external services (npm registry, Homebrew API, GitHub API). The SKILL.md also instructs creating a sudoers file to allow passwordless sudo for apt/unattended-upgrade. The skill also documents auto-updating OpenClaw skills (clawhub) and generating Telegram reports; however, no Telegram token or sending code is declared (the repo expects the caller to forward/report). The scope (reading system logs, running sudoed commands, and making network requests) is consistent with an updater but is sensitive — especially because the instructions include granting passwordless sudo for system update commands.
Install Mechanism
There is no external install step (instruction-only + bundled Python scripts). The code uses only Python stdlib and subprocess calls; nothing is downloaded from arbitrary URLs. That lowers install risk compared to downloadable binaries. The repo includes code files (not pure prose), so a code review is appropriate before use.
!
Credentials
The skill requires elevated capability (passwordless sudo entries) which is proportionate for a tool that applies security updates, but there are notable mismatches: 1) The documented sudoers entries intentionally exclude apt-get install (and docs repeatedly say "No package installation/removal through sudo"), yet the code's apply_planned_apt_upgrades calls 'sudo apt-get install -y <packages>' — this will fail unless sudoers is expanded (or the code is changed), creating a dangerous gap between intended permissions and actual behavior. 2) SKILL.md mentions Telegram reporting and OpenClaw/clawhub usage, but no credential/environment variables (e.g., Telegram bot token or clawhub config) are declared in registry metadata. 3) The registry metadata lists no required env vars while the docs and code expect SYS_UPDATER_* env vars — an inconsistency that affects deploy/automation and least-privilege questions.
!
Persistence & Privilege
The skill does not set always:true, but it asks the operator to create a sudoers file granting passwordless execution of system update commands for a user. Modifying /etc/sudoers.d is a permanent, high-impact change and should be done deliberately. Combined with the code calling 'sudo apt-get install' (which is not listed in the recommended sudoers), this elevates risk: either the installer will need to expand sudoers (increasing privilege), or planned installs will silently fail. The skill does not attempt to modify other skills' configurations directly in the code shown, but it does intend to auto-update OpenClaw skills (clawhub) which means it can change other skill state when run.
What to consider before installing
What to check before installing or running this skill: 1) Read the code. The repo includes scripts that will run sudo commands, parse apt logs, and perform network requests to GitHub/npm/Homebrew. If you can't review them yourself, run them in an isolated test VM first. 2) Sudoers mismatch: the docs intentionally restrict passwordless sudo to apt-get update, apt-get -s upgrade (simulation) and unattended-upgrade. But the code calls 'sudo apt-get install' to apply planned non-security updates. Decide which behavior you want: either (A) keep sudoers restrictive and remove/disable planned installs in the code, or (B) explicitly add apt-get install to sudoers after understanding the consequences. Never add broad sudo rights — add only the exact commands (absolute paths) you audited. 3) Paths and binaries: verify correct absolute paths in sudoers. The docs/examples reference both /usr/bin/unattended-upgrade and /usr/sbin/unattended-upgrade in different places — confirm the actual path on your distribution. 4) Telegram/OpenClaw behavior: the skill renders reports but does not appear to ship or require a Telegram bot token; cron/OpenClaw is expected to forward the report. If you expect the skill to push messages itself, look for code that stores or uses bot tokens (none declared). Similarly, auto-updating OpenClaw skills implies using clawhub — ensure you understand what clawhub does and that the binary/credentials are available and limited. 5) Network calls and rate limits: auto_review.py will query public APIs (GitHub/npm/brew). It uses unauthenticated GitHub requests (60/hr). If you need higher rate or authenticated checks, consider adding a token and auditing how it is stored. 6) Permissions to read system files: parsing /var/log/apt/history.log may require root privileges on some systems; the code handles PermissionError but will produce incomplete data if it cannot read logs. 7) Test in dry-run: use the provided --dry-run and --verbose modes. Run on a non-production host and inspect generated state/logs before enabling cron/systemd or changing sudoers. 8) Reconciliation: if you accept planned installs, add tests and an audit path to ensure planned installs cannot be abused to install arbitrary packages. Prefer whitelisting package names or requiring manual confirmation for potentially dangerous packages. If you provide updated metadata (declare required binaries and env vars) and either remove/disable the sudo apt-get install usage or explicitly include it in the documented sudoers with audited absolute paths, my confidence that this skill is coherent and low-risk would increase.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b9aqbq46qp3q9stswvhfrcn820jf4
1.4kdownloads
0stars
4versions
Updated 1h ago
v1.1.0
MIT-0
@spiceman161
latest
Download

System Updater (sys-updater)

Comprehensive system maintenance automation for Ubuntu hosts with support for apt, npm, brew, and OpenClaw skills.

What this skill does

sys-updater is a conservative maintenance pipeline for Linux hosts running OpenClaw. It separates security patching from feature upgrades, keeps auditable state files, and sends a human-readable daily report.

Core capabilities

  • APT (Ubuntu)
    • daily apt-get update
    • automatic security updates via unattended-upgrade
    • non-security upgrades only from explicit planned list
  • NPM / PNPM / Brew
    • detect outdated packages
    • keep them in tracked state
    • auto-review package risk (bugs/regressions/CVE signals)
    • install only approved/planned updates
  • OpenClaw skills (ClawHub)
    • checks installed skills and reports update status
  • Daily report (09:00 MSK)
    • current health/status
    • candidates/planned/blocked per manager
    • explicit “actually installed” lines for apt/npm/pnpm/brew

Workflow

Daily (06:00 MSK)

run_6am:
├── apt: update, security upgrades, simulate, track non-security
├── npm/brew: check outdated, add to tracking
└── skills: auto-update immediately (no quarantine)

Report (09:00 MSK)

  • Summary of all package managers
  • Planned updates for next day
  • Blocked packages with reasons

T+2 Days (Review)

  • Web search for bugs/regressions in tracked packages
  • Mark as planned or blocked based on findings

T+3 Days (Upgrade)

  • Apply planned npm/brew upgrades
  • Send completion report

State Files

  • state/apt/last_run.json — Last run results
  • state/apt/tracked.json — APT packages being tracked
  • state/apt/npm_tracked.json — NPM packages
  • state/apt/brew_tracked.json — Brew packages
  • state/logs/apt_maint.log — Daily logs (10-day rotation)

Manual Commands

# Daily maintenance (runs automatically)
./scripts/apt_maint.py run_6am

# Generate report
./scripts/apt_maint.py report_9am

# Check npm/brew only
./scripts/pkg_maint.py check

# Review packages (after 2 days)
./scripts/pkg_maint.py review

# Apply planned upgrades
./scripts/pkg_maint.py upgrade

# Update skills only
./scripts/pkg_maint.py skills

Configuration

Environment variables:

  • SYS_UPDATER_BASE_DIR — Base directory (default: ~/clawd/sys-updater)
  • SYS_UPDATER_STATE_DIR — State files location
  • SYS_UPDATER_LOG_DIR — Log files location

Cron Jobs

Requires 4 cron jobs:

  1. run_6am — Daily 06:00 MSK (apt + check npm/brew + auto skills)
  2. report_9am — Daily 09:00 MSK (Telegram report)
  3. review_2d — T+2 days 09:00 MSK (web search bugs)
  4. upgrade_3d — T+3 days 06:00 MSK (apply planned)

Conservative Design

  • Security updates: Applied automatically via unattended-upgrade
  • Non-security: 2-day observation period with bug research
  • User control: Can block any package with reason
  • Safety: Dry-run simulation before any apt upgrade

Requirements

  • Ubuntu with apt
  • Node.js + npm (for npm packages)
  • Homebrew (for brew packages)
  • OpenClaw with clawhub CLI
  • sudo access for specific apt commands (see below)

Sudoers Configuration

For unattended operation, grant the running user passwordless sudo for specific apt commands only. Do not add the user to full sudoers.

Create file /etc/sudoers.d/sys-updater:

# Allow sys-updater to run apt maintenance commands without password
# Replace 'username' with your actual username
username ALL=(root) NOPASSWD: /usr/bin/apt-get update
username ALL=(root) NOPASSWD: /usr/bin/apt-get -s upgrade
username ALL=(root) NOPASSWD: /usr/bin/unattended-upgrade -d

Set secure permissions:

sudo chmod 440 /etc/sudoers.d/sys-updater
sudo visudo -c  # Verify syntax is valid

Required Commands Explained

CommandPurpose
apt-get updateRefresh package lists
apt-get -s upgradeSimulate upgrade (dry-run, no actual changes)
unattended-upgrade -dApply security updates automatically

Security Notes

  • Only these 3 specific commands are allowed
  • No apt-get upgrade without -s (simulation only for tracking)
  • No apt-get dist-upgrade or autoremove
  • No package installation/removal through sudo
  • NPM and brew do not require sudo (user installs)

Comments

Loading comments...