Skill v1.0.0
ClawScan security
ClawHub Auto Update · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 5:08 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill's files and instructions are internally consistent with its stated purpose of checking for and running ClawHub updates; it mainly runs `npx clawhub update --all` and logs results.
- Guidance: This skill appears to do exactly what it says: run `npx clawhub update --all` and log output. Before installing, consider: (1) automatic updates will overwrite local modifications — back up any custom skill code; (2) `npx` may fetch and run packages from the npm registry at runtime, so ensure you trust the clawhub package and your npm configuration; (3) if you allow autonomous invocation (agent can call skills), the agent could trigger updates without your explicit approval — if you prefer manual control, run the script yourself or keep cron/manual usage; (4) verify that the log path (~/.openclaw/logs) is acceptable and writable. Overall the skill is coherent and proportionate, but treat automatic updates with the usual caution.
Review Dimensions
- Purpose & Capability: ok. Name/description match the actual behavior: the SKILL.md and included script perform update checks and call `npx clawhub update --all`. No unrelated credentials, binaries, or paths are requested.
- Instruction Scope: ok. Runtime instructions only run the provided script or call `npx clawhub update --all`. They ask the user to log in with `npx clawhub login` and advise backups because updates overwrite local changes. The instructions do not request unrelated files, credentials, or external endpoints.
- Install Mechanism: note. No install spec (instruction-only) and a small shell script are included. The script uses `npx`, which will fetch and execute packages from npm at runtime — expected for a tool that invokes `clawhub` but worth noting because `npx` executes remote code.
- Credentials: ok. The skill declares no environment variables or credentials. It does require the user to be logged into ClawHub (via `npx clawhub login`), which is proportionate to performing updates.
- Persistence & Privilege: note. always:false (not forced). The platform default allows autonomous invocation; if the agent is permitted to call this skill automatically, it can run updates (which overwrite local skill files) without explicit human review. That is functionally powerful but coherent with the skill's purpose — consider whether you want autonomous updates enabled.
