Upgrade Guardian
v1.0.0
A cognitive protocol for safely managing and auditing OpenClaw application upgrades. Analyzes configuration-level risks (schema, defaults) and runtime-level...
by Radon Co (@radonx)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description claim an upgrade-audit protocol for OpenClaw; the SKILL.md and reference docs only request actions and data consistent with that purpose (changelog analysis, reading openclaw.json, running verification checks). No unrelated credentials, binaries, or external services are required.
Instruction Scope
Runtime instructions direct the agent to fetch changelogs, parse them, cross-reference openclaw.json and active workflows, generate reports, and run verification commands (openclaw doctor, openclaw status, backup, log checks). Those operations are within scope for upgrade auditing. The docs reference reading workspace and home-path session files and saving reports under workspace-relative kb/logs/ paths — appropriate for an audit tool. There are no instructions to collect or transmit data to unexpected external endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files. No packages or remote downloads are requested, minimizing persistence and supply-chain risk.
Credentials
The skill does not declare any required env vars, credentials, or config paths beyond reading local OpenClaw config and logs (openclaw.json, ~/.openclaw sessions/logs, workspace kb/). Those data sources are proportionate to performing a pre/post-upgrade audit. No unrelated secrets or external tokens are requested.
Persistence & Privilege
always is false and the skill does not request system-wide persistence. It recommends saving reports inside the agent workspace, which is reasonable for audit artifacts. The skill does include commands that could modify or delete local backups if executed (example backup cleanup patterns), but those are described as operator actions and are reasonable within an upgrade workflow.
Assessment
This skill is a docs-first, instruction-only upgrade audit protocol and appears coherent with its stated purpose. Before installing or invoking it:
1) Be aware the protocol expects to read local OpenClaw config and logs (openclaw.json, session files, gateway logs) and run OpenClaw CLI commands — grant file/command access only if you trust the agent.
2) It may suggest running backup/cleanup commands; do a manual backup and review any deletion commands before executing.
3) The skill fetches changelogs (network access) which is expected for its task; ensure changelog sources are trusted.
4) If you plan to allow autonomous execution, consider limiting the agent's runtime permissions (or require operator confirmation) for actions that modify files or delete backups.
Overall, nothing here is disproportionate or unrelated to upgrade auditing.
Like a lobster shell, security has layers — review code before you run it.
