Don't Be Scary
Pass
Audited by ClawScan on May 6, 2026.
Overview
The skill is transparent and purpose-aligned, but it runs a background OpenClaw update/rollback that modifies the local installation and uses Telegram credentials for status messages.
This skill is reasonable for a user-requested OpenClaw update on macOS, but treat it like a system maintenance script: it runs in the background, changes the OpenClaw installation, restarts the gateway, and uses your Telegram bot configuration for notifications.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run, the skill can change or replace the local OpenClaw installation and restart the gateway.
The script can run the OpenClaw updater and, during rollback, remove and restore the OpenClaw npm package and app bundle. This is expected for the skill's purpose, but it is high-impact local mutation.
"$OC_BIN" update --json > "/tmp/openclaw-update-${TS}.update.json" 2>&1 ... rm -rf "$NPM_DIR" ... rm -rf "$APP_DIR"
Use it only when you intend to update OpenClaw on the target Mac, and avoid setting path override environment variables unless you are sure they point only to the OpenClaw installation.
The skill can send Telegram messages using the configured OpenClaw Telegram bot.
The script reads a Telegram bot token from the user's OpenClaw config and uses it to send update status messages. This is disclosed and purpose-aligned, but it is credential use.
print(cfg['channels']['telegram']['accounts']['$TG_BOT']['botToken']) ... curl -s -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage"
Confirm the Telegram bot and chat target are the ones you expect, and rotate the bot token if you no longer trust the local environment.
After launch, the update continues even if the current agent session ends.
The skill intentionally launches a detached background script so it can survive the gateway restart. This is disclosed and limited to the update workflow.
nohup "<path-to-skill>/scripts/safe-update.sh" </dev/null >/dev/null 2>&1 & disown ... Do not wait for the script to finish
Monitor the Telegram updates or the /tmp/openclaw-update-*.log file, and stop the process manually only if you need to interrupt the update.
The skill may appear installable on unsupported systems or without prerequisites, though the script has some runtime checks.
The registry metadata does not enforce the Mac-only environment or required tools that SKILL.md describes, so compatibility checks rely on the instructions and script preflight instead of metadata.
OS restriction: none; Required binaries (all must exist): none; Required env vars: none
Use only on macOS with a brew cask OpenClaw install, launchctl, python3, curl, and Telegram configured; the package metadata should ideally declare these requirements.
