OpenClaw更新检查
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill is purpose-aligned: it checks OpenClaw releases, summarizes update advice, and explicitly says it will not perform updates.
This appears safe for its stated purpose. Before installing or using it, confirm you want the agent to run OpenClaw version-check commands, fetch GitHub release notes, and optionally send daily update advice through Feishu or a message tool. It does not instruct the agent to perform updates automatically.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run local OpenClaw version-check commands and use web/message tools to prepare and deliver an update recommendation.
The skill instructs use of local command execution, but only for version/status checks that directly support the stated update-checking purpose.
使用 `openclaw update status` 或 `openclaw version` 获取当前版本和最新版本信息。
Allow these actions only if you are comfortable with the agent checking OpenClaw version information and sending you a notification; do not approve unrelated commands.
If configured, the skill could run on a recurring daily schedule and send regular update advice.
A recurring cron job is a form of persistence, but it is clearly disclosed and matches the skill's daily update-checking purpose.
### 定时任务(每日) 配置 cron job 每日执行检查。
Only configure the cron job if you want daily checks, and keep track of where it is configured so you can disable it later.