Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Updater Andy27725

v1.0.0

Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of w...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (auto-updater) align with the instructions: the SKILL.md and references describe adding a cron job, running package-manager updates for Clawdbot, running 'clawdhub update --all', and reporting results. Required binaries/env/config are minimal and consistent with this purpose.
Instruction Scope
Instructions remain focused on updating Clawdbot and installed skills. They create a helper script under ~/.clawdbot, add a cron job via 'clawdbot cron add', run package-manager commands and 'clawdhub update --all', and write logs to ~/.clawdbot/logs/auto-update.log. Important security note: the skill unapologetically applies updates automatically (not only dry-run), which means it will pull and execute upstream code updates without interactive review — this is expected for an auto-updater but increases attack surface.
Install Mechanism
Instruction-only skill with no install spec and no code files to write at installation time. The only on-disk artifacts are the optional helper script and log file the instructions instruct the agent to create in the user's home directory during setup — this is proportionate for the described task.
Credentials
No environment variables or credentials are requested. The commands used rely on existing CLIs (clawdbot, clawdhub, npm/pnpm/bun) and user filesystem access — all expected for an updater and not disproportionate. Note: updating global packages may require elevated permissions (sudo) which the instructions surface as a possible fix for EACCES.
Persistence & Privilege
The skill does not set always:true and is user-invocable. It instructs creation of a cron job and a user-owned helper script (persistence within the user's account). This is within scope, but persistent auto-apply of updates (without manual review) is a privileged behavior from a security perspective because it enables regular execution of freshly downloaded code.
Assessment
This skill is coherent with its description, but before installing consider:
(1) Automatic 'clawdhub update --all' and npm/pnpm updates will pull and run upstream code without interactive review — if you need to vet updates first, use the dry-run mode or schedule only checks.
(2) Prefer running updates in the suggested isolated session and inspect the produced log (~/.clawdbot/logs/auto-update.log) and the —UPDATE_SUMMARY for unexpected changes.
(3) Verify the skill's source/owner (registry ownerId differs from _meta.json ownerId here) before trusting automatic updates.
(4) Be aware global package updates may require elevated permissions; avoid running as root unless necessary and have backups or a snapshot plan in case an update breaks behavior.
(5) If you want stricter control, install but configure the cron to only run a dry-run or notify you for manual approval rather than auto-applying.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cxvmzpn323071x6bcpv59xs83h5es

Runtime requirements

🔄 Clawdis
OS: macOS · Linux
