Auto Updater 1.0.0 (1)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to automate agent and skill updates, which is disclosed but broad enough to deserve review before use.

Install only if you intentionally want unattended updates to your bot and all installed skills. Prefer manual or notify-only updates, pin trusted versions where possible, and review update summaries before applying broad changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding:
The skill is explicitly designed to perform unattended software and skill updates on a daily schedule, which changes installed code without emphasizing the risks of automatic modification, breakage, or supply-chain compromise. Even if intended for convenience, automatically pulling and applying updates to both the core bot and all installed skills increases the blast radius of a bad update or compromised registry/package source.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The guide instructs users to enable unattended updates for both the core bot and all installed skills, but it does not include meaningful warnings, approval gates, pinning, or trust-boundary controls. This is dangerous because it creates an automated supply-chain path for remote code or prompt changes to be pulled and applied without human review, increasing the blast radius of any compromised package, repository, or skill publisher.

Self-Modification

High
Category: Rogue Agent
Content:
# Capture new version
CLAWDBOT_VERSION_AFTER=$(clawdbot --version 2>/dev/null || echo "unknown")

# Update skills
log "Updating skills via ClawdHub..."
SKILL_OUTPUT=$(clawdhub update --all 2>&1) || true
echo "$SKILL_OUTPUT" >> "$LOG_FILE"
Confidence: 97%
Finding:
Update skill

VirusTotal

64/64 vendors flagged this skill as clean.
