Smart Auto Updater Litiao

Security checks across malware telemetry and agentic risk

Overview

This skill is an updater that can make recurring unattended changes to OpenClaw and installed skills, but its safeguards and user controls are not clearly bounded.

Install only if you intentionally want an agent-managed updater. Start in report-only mode with SMART_UPDATER_AUTO_UPDATE=NONE, test manually before adding cron, verify the correct agent ID, protect webhook URLs as secrets, and do not rely on the documented HIGH-risk gate until the scoring threshold is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The skill explicitly states that LOW-risk updates will be auto-applied, but it does not prominently warn users that running the skill may modify installed software. In an updater context, that omission is safety-relevant because users may interpret the skill as a reporting tool and unintentionally authorize changes to their environment.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The quick-start command tells users to run the updater immediately without clearly stating that execution can trigger automatic updates under default or configured settings. That creates a risk of unintended software modification, especially for users who treat example commands as safe read-only checks.

Missing User Warnings

Severity: Medium
Confidence: 83%
Finding:
The document provides cron examples that schedule unattended update actions but does not clearly warn that these actions can modify installed software, introduce regressions, or disrupt services. In an auto-updater skill, omission of such warnings can cause operators to enable hands-off updates without understanding the operational risk.

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding:
The sample environment configuration enables automatic update behavior through persistent settings, but it does not prominently explain that these settings can authorize recurring system changes. Because this is durable configuration, users may enable risky behavior once and forget it, increasing the chance of unintended updates over time.

VirusTotal

65/65 vendors flagged this skill as clean.
