ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Updater.Bak2

v1.0.0

Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of w...

0· 63·0 current·0 all-time
by@make453·fork of @maximeprades/auto-updater (1.0.0)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md and reference docs only describe adding a cron job that runs clawdbot update/doctor and clawdhub update --all. No unrelated services, binaries, or credentials are requested.
Instruction Scope
Instructions stay within the updater scope (detect install type, run package manager updates, run clawdhub update --all, write a log, and emit a parsable summary). Notable behaviors: creates a helper script under the user's home (~/.clawdbot/scripts/auto-update.sh), writes logs (~/.clawdbot/logs/auto-update.log), captures and emits full clawdhub output in SKILL_OUTPUT. These are reasonable for an updater but can surface sensitive info if update output contains error messages or other secrets.
Install Mechanism
No install spec or archive downloads are present (instruction-only). Nothing will be written to disk by the skill package itself — any files are created by the commands the agent runs. This is the lowest-risk install footprint from the skill bundle perspective.
Credentials
The skill declares no environment variables, no credentials, and references only CLI tools expected for updating (npm/pnpm/bun, git, clawdbot, clawdhub). It does not request unrelated secrets. However, global package updates can require elevated permissions; the instructions mention permission errors and advise sudo or permission fixes.
Persistence & Privilege
The skill recommends adding a cron job (persistent scheduled execution) and writing a helper script and logs to the user's home. always is false. Persistent scheduling and automatic updating are expected for this purpose, but they are powerful: automatic updates will install new code for both Clawdbot and all skills (via clawdhub update --all), which could introduce unreviewed changes if the registry or update process is compromised.
Assessment
This skill appears coherent for automatically checking and applying updates. Before enabling it, consider: 1) Run a dry-run first (clawdhub update --all --dry-run) to see what would change. 2) Review the helper script content and the log file location if you or the agent will create it (~/.clawdbot/scripts/auto-update.sh and ~/.clawdbot/logs/auto-update.log). 3) Prefer isolated sessions and limit privileges (avoid running global package updates as root if possible). 4) Decide if you want to update all skills automatically — automatic bulk updates can install new code without per-skill review; consider restricting to specific trusted skills or reviewing changelogs. 5) Ensure you have backups or a rollback plan in case an update breaks workflows. 6) If you use remote delivery (e.g., Telegram), verify destination addresses/tokens are configured securely. The scanner had no findings to analyze (instruction-only skill).

Like a lobster shell, security has layers — review code before you run it.

latestvk974v5jescejypb8xbhhjtydpx83ajrj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔄 Clawdis
OSmacOS · Linux

Comments