Auto Updater.Bak 2026 01 28T18:01:13+10:30

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A bad or incompatible update could change agent behavior, break installed skills, or apply migrations before the user reviews the changes.

Why it was flagged

The scheduled routine tells the agent to run non-interactive migrations and update every installed skill, which is broad mutation authority without per-update confirmation.

Skill content

Then run: clawdbot doctor --yes ... Run: clawdhub update --all

Recommendation

Prefer a dry-run or approval step before applying updates, scope updates to selected skills where possible, and keep a rollback or backup plan.

What this means

If a registry package or skill update is compromised or simply buggy, the automated job may install it across the user's environment.

Why it was flagged

The skill pulls latest versions of the core bot and all skills from package/skill registries automatically, with no pinning, changelog review, or provenance check described.

Skill content

npm update -g clawdbot@latest ... clawdhub update --all

Recommendation

Use trusted sources, review release notes, consider pinning versions, and avoid automatic updates for sensitive or production-like agent environments.

What this means

The updater can keep changing the user's bot and skills in the background until the cron job is removed or disabled.

Why it was flagged

The skill creates persistent scheduled agent activity that continues running daily after the initial setup.

Skill content

This skill sets up a daily cron job ... clawdbot cron add --name "Daily Auto-Update" --cron "0 4 * * *"

Recommendation

Install only if you want persistent unattended updates; verify the cron entry and know how to remove it with `clawdbot cron remove "Daily Auto-Update"`.

What this means

Running the updater with excessive privileges could let future updates modify more of the local environment than intended.

Why it was flagged

The updater may need write access to installed skill directories and global package locations, which can pressure users to grant broader local privileges.

Skill content

Permission errors: Ensure the Gateway user can write to skill directories

Recommendation

Run under the least-privileged account that can update the intended files, and avoid using `sudo` unless you fully trust the update source.