Skill Update

Pass

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only updater, but using it means the agent may check for updates and, with your approval, back up, modify, and migrate local skill files.

This skill appears safe and purpose-aligned for managing skill updates. Before using it, review the preview/diff, approve only the exact update you want, check that a backup was created, and read any migration plan before allowing preferences or saved state to be moved.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used, the agent may change local skill installations after you approve; a mistaken update could affect workflows, though the skill includes rollback-oriented safeguards.

Why it was flagged

The skill is designed to drive update actions that can change installed skills and agent behavior, but the same instructions require backup, preview, verification, and explicit user approval.

Skill content

5. **Backup** — Save current state
6. **Update** — Apply new version
7. **Verify** — Confirm everything works ... Only update after explicit "yes".

Recommendation

Approve only a specific skill and version after reviewing the preview, and confirm the backup location before allowing any update or migration.

What this means

A newly fetched skill version could introduce changed instructions, requirements, or behavior; the preview step is the main protection against accepting unsafe changes.

Why it was flagged

The update workflow fetches a new skill version from an external registry for comparison. This is expected for an updater, and the documented diff step helps users inspect supply-chain changes before installation.

Skill content

npx clawhub fetch <slug>@<version> --dir /tmp/preview-<slug>
...
diff -r ~/.clawhub/skills/<slug> /tmp/preview-<slug>

Recommendation

Review the diff and impact report carefully, especially for major versions, new requirements, removed files, or changed instructions.

What this means

Saved preferences or learned behavior may be copied into a new skill version and continue affecting future interactions.

Why it was flagged

The migration guidance can read and move persistent skill preferences, saved state, and learned patterns. This is purpose-aligned, but it involves data that may influence future agent behavior.

Skill content

Skills may store:
- **Preferences** — User settings in SKILL.md sections
- **State files** — Saved data in skill folder
- **Learned patterns** — Auto-adaptive skills with accumulated knowledge

Recommendation

Inspect what data will be migrated, avoid migrating unrelated private files, and keep the backup until you confirm the new version behaves correctly.