Skill v1.0.1
ClawScan security
Skill Update Helper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 11:11 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, lack of installs, and requested resources match its stated purpose of checking and applying OpenClaw/skill updates; nothing requests unrelated credentials or odd installs.
- Guidance: This skill appears coherent and focused on update workflows. Before using or scheduling it: (1) confirm you have clawhub/openclaw installed and that you want automatic updates; (2) prefer dry-run (clawhub update --all --dry-run) first; (3) avoid blindly running 'clawhub update --all' in production—consider updating specific skills or testing in staging; (4) if you enable a cron job, explicitly approve its schedule and command and ensure you have backups/rollback procedures; (5) verify any credential prompts come from your existing clawhub/OpenClaw tooling (use 'clawhub whoami' to check).
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: all commands and workflow reference OpenClaw tooling (clawhub, openclaw) and scheduling updates, which is appropriate for an update helper. No unrelated binaries, env vars, or config paths are required.
- Instruction Scope (ok): SKILL.md and agent-guide instruct only operations relevant to update checks and scheduling (openclaw status, clawhub list/update, use cron for scheduling). They do not direct reading unrelated files, exfiltrating data, or calling external endpoints outside OpenClaw tooling. The guidance to check auth (clawhub whoami) is reasonable.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — minimal footprint and nothing is written to disk by the skill itself.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The operational commands may require the user's existing clawhub/OpenClaw credentials, but the skill does not demand unrelated secrets.
- Persistence & Privilege (note): The skill recommends creating scheduled cron tasks to run automatic update checks; while the skill itself is not forcibly persistent (always:false), scheduling introduces persistent, autonomous behavior. This is expected for an update helper but worth explicit user consent.
