Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Auto Updater 1.0.0
v1.0.0
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of w...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the instructions: checking install type, running package-manager or source update commands, invoking clawdhub update --all, adding a cron job, and writing logs under ~/.clawdbot are all coherent with an auto-updater.
Instruction Scope
Instructions explicitly create an updater script, run package manager (npm/pnpm/bun) or source updates, run clawdbot doctor, and run clawdhub update --all. These are within scope, but the skill will automatically fetch and install new skill versions and collect the command output into logs and an 'update summary' that can be delivered to a provider (e.g., Telegram) — this raises a potential for unintended disclosure of sensitive output or automatically installing malicious updates if the registry or updates are untrusted.
Install Mechanism
This is instruction-only with no install spec and no external downloads — lowest-risk delivery model. All invoked tools are existing CLI commands (clawdbot, clawdhub, package managers).
Credentials
No environment variables, credentials, or unrelated config paths are requested. The only filesystem access is to user-scoped paths (~/.clawdbot) and to package managers, which is reasonable for an updater.
Persistence & Privilege
The skill does not set always:true and is user-invocable. However, adding a cron job means persistent automated execution that will autonomously install updates (including third‑party skill code) and deliver summaries; autonomous invocation combined with automatic updates increases operational risk if updates are later malicious or if summaries leak sensitive content.
Assessment
This skill appears to do what it claims, but take these precautions before enabling auto‑updates:
- Prefer a dry-run first: run `clawdhub update --all --dry-run` to see what would change before enabling automatic installs.
- Limit delivery endpoints: avoid sending raw update output to public channels (Telegram, email, etc.). Trim or sanitize logs before sending, or deliver only summaries listing package names/versions.
- Run updates in an isolated, unprivileged account or container to limit damage if an update is malicious.
- Require manual approval for updates to third‑party skills you rely on, or subscribe only to trusted registries/authors.
- Keep backups and note how to roll back skill updates (clawdhub rollback or reinstall previous versions).
If you want a higher-assurance setup, ask the author/source for signed release verification or configure the updater to only apply updates from an allowlist of skills or publishers.
Like a lobster shell, security has layers — review code before you run it.
latest vk971jw21n3bv9tv7qjd55r23cx83vxjn
Runtime requirements
🔄 Clawdis
OS: macOS · Linux
