Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Update Advisor
v1.0.1
OpenClaw update check and upgrade assistant. Triggers on phrases like "check for updates", "any new version", "is openclaw updated", "run the update", "confi...
⭐ 0 · 34 · 0 current · 0 all-time
by kelven.ling @lzyling
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious · medium confidence

Purpose & Capability
Name, description, and required binaries (npm, python3, openclaw) align with an update-check/update flow. The scripts perform npm view, parse a local CHANGELOG, run openclaw doctor/status, and assemble JSON results — all consistent with an update advisor.
Instruction Scope
SKILL.md instructs the agent to read the user's active configuration from MEMORY.md to annotate changelog relevance, but the skill metadata did not declare any required config paths. Reading MEMORY.md can expose sensitive session/context data; this access is not clearly declared in the manifest. The SKILL.md claims read-only access, but that is an instruction-level promise the platform cannot enforce by manifest alone. Also, while scripts themselves are local and limited, the agent will invoke openclaw commands (doctor, update status) which affect local system state and could reveal local configuration.
Install Mechanism
There is no external install spec (no downloads). This is instruction-only at the registry level, but the package includes three executable scripts that will be run locally. Having bundled scripts is reasonable for this purpose, but it raises the usual caution: these files will execute on the host and should be reviewed. No remote or obfuscated install sources were used.
Credentials
No credentials or secret environment variables are requested. The scripts read common env vars (HOME, PNPM_HOME) and call utilities (npm, openclaw) that are necessary for version and changelog discovery. The required access scope is proportionate to an updater.
Persistence & Privilege
The always flag is false and the skill is user-invocable; cron jobs are created via OpenClaw's own cron tool and are documented as only being created after explicit user confirmation. The skill does not request permanent platform-wide privileges or attempt to modify other skills' configs.
What to consider before installing
This skill largely does what it says: it runs local scripts to check versions, parse your local CHANGELOG, and can schedule a one-shot post-update verification via OpenClaw's cron tool. Before installing:
1) Review the bundled scripts (scripts/check-update.sh, parse_changelog.py, assemble_result.py) yourself to confirm you trust their behavior, since they will be executed locally.
2) Decide whether you're comfortable with the agent reading MEMORY.md (session/config context) — SKILL.md says it will be read for relevance analysis, but that access wasn't declared in the manifest. If you don't want that, decline or ask for a version that doesn't read MEMORY.
3) Ensure openclaw, npm, and python3 are present and that you understand the skill will run openclaw doctor/status (read-only) and may propose update commands; the update/change operation itself is gated by explicit confirmation.
4) For extra safety, run the check script manually in a terminal first (bash <workspace>/skills/update-advisor/scripts/check-update.sh) to see its output before granting the agent permission to execute it.
If you need higher assurance, ask the skill author to explicitly declare MEMORY.md or provide a mode that operates without reading agent memory.

Like a lobster shell, security has layers — review code before you run it.
latest · vk979m6453af903as6dda67378n84trn1
