Skill v1.0.0

ClawScan security

ClawHub Auto Updater · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 13, 2026, 10:20 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requested actions, and persistence are consistent with its stated purpose of scheduling and running daily updates for Clawdbot and installed skills.
Guidance
This skill appears to do what it says, but review and accept these tradeoffs before enabling:
- Review the proposed auto-update script (~/.clawdbot/scripts/auto-update.sh) before installing to ensure you understand what will run and where logs are written.
- Auto-updates run package-manager or git updates, which execute code from upstream sources (npm, pnpm, bun, git). Only enable automated updates if you trust those upstream sources or are comfortable with changes being applied automatically.
- Run a dry-run first: use `clawdhub update --all --dry-run` to see what would change.
- Be prepared for permission issues (global updates may need sudo) and for migrations (the script runs `clawdbot doctor --yes`, which may apply changes automatically).
- Ensure the delivery channel for summaries (where the agent posts update results) is properly configured and secure; the skill itself does not request tokens but may send update summaries to configured providers.
- If you rely on critical skills, consider pinning versions or using a staged update policy (test updates before enabling daily automatic application).

If you want, I can produce a hardened variant of the script that: uses checksums, limits what gets updated automatically, rotates logs, or notifies you for approval before applying updates.

Review Dimensions

Purpose & Capability
ok: The name and description match the instructions: setting up a cron job, running clawdbot/clawdhub update commands, and reporting results. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
note: SKILL.md and the agent guide instruct creating a helper script under ~/.clawdbot, writing logs to ~/.clawdbot/logs, and adding a cron job that runs update commands (npm/pnpm/bun, clawdbot update, clawdhub update --all). These are within scope for an auto-updater, but they do grant the skill the ability to run arbitrary upstream-installed update commands and write to the user's home directory. Review the script and understand that updates pull code from upstream registries (npm/git), which implies trusting those sources.
Install Mechanism
ok: Instruction-only skill with no install spec and no downloaded artifacts, so it carries the lowest install risk. It relies on existing system tooling (npm/pnpm/bun/clawdhub/clawdbot).
Credentials
ok: No environment variables, credentials, or config paths are requested. The guidance references delivery providers (e.g., Telegram) only as configuration examples; the skill does not ask for tokens or secrets itself.
Persistence & Privilege
note: The skill recommends creating a cron job and a script under the user's home directory (~/.clawdbot). This is expected for an auto-updater and is not set to always:true. Users should be aware this gives scheduled execution ability on their account (standard for cron).