ClawHub

Ayao Updater

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it persistently and automatically changes OpenClaw and installed skills, so users should review it before installing.

Install only if you want unattended updates to OpenClaw and all installed skills. Run the dry-run first, inspect the cron entry, keep sensitive or locally modified skills in skipSkills, disable notifications unless the target is trusted, and prefer fixing or validating the config parsing and cron schedule handling before enabling automatic runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly promotes scheduled automatic updates and execution of system-modifying commands, including updating OpenClaw, updating installed skills, restarting the gateway, and installing cron jobs. Even if intended as a maintenance feature, the documentation does not clearly warn that this changes system state on a recurring basis, which can surprise users and enable unattended execution of newly fetched code.

Self-Modification

High
Category
Rogue Agent
Content
---
name: ayao-updater
description: Automatically update OpenClaw and all installed skills on a schedule. Use when: (1) setting up automatic updates for OpenClaw or skills, (2) running a manual update check, (3) configuring update schedule, skip lists, or pre-release filtering, (4) user says "auto update", "schedule updates", "keep openclaw updated", "update skills automatically". Handles locally-modified skill protection, conflict avoidance, pre-release filtering, and completion or failure notifications.
---

# OpenClaw Auto Update
Confidence
96% confidence
Finding
update skill

Session Persistence

Medium
Category
Rogue Agent
Content
## Configuration

Create `~/.openclaw/workspace/skills/openclaw-auto-update/config.json`:

```json
{
Confidence
88% confidence
Finding
Create `~/.openclaw/workspace/skills/openclaw-auto-update/config.json`: ```json { "schedule": "0 2 * * *", "skipSkills": [], "skipPreRelease": true, "restartGateway": true, "notify": true,

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal