Upgrade Guardian
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to be a transparent upgrade-audit checklist, with expected but sensitive OpenClaw configuration/log review and user-directed verification commands.
This skill is reasonable to use for OpenClaw upgrade planning. Before letting it run checks, confirm it is operating in the correct workspace, approve any config changes or production-impacting tests, review backup cleanup commands carefully, and avoid storing secrets in generated reports.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the checklist carelessly could delete backup archives or touch live OpenClaw services during verification.
The checklist contains optional destructive cleanup commands for old backup archives, along with many OpenClaw CLI checks. This is purpose-aligned for upgrade maintenance, but it can affect local files if run without review.
Manual cleanup examples include: `ls -t ~/Backups/openclaw/*.tar.gz | tail -n +8 | xargs rm -f` and `find ~/Backups/openclaw -name "*.tar.gz" -mtime +7 -delete`
Run only the relevant commands, confirm paths and backup retention choices first, and require explicit approval before any delete or production-impacting command.
The agent may see or exercise sensitive OpenClaw configuration, auth mode, logs, and provider connectivity while auditing the upgrade.
The verification guidance may use existing OpenClaw auth configuration and provider credentials. That is expected for confirming an upgrade, but it means the agent may interact with privileged app configuration and configured accounts.
`openclaw config get gateway.auth.mode` ... `Test model with SecretRef API key`
Limit access to the intended OpenClaw deployment, avoid exposing raw tokens or passwords in prompts or reports, and review any credential-related output before sharing.
Upgrade reports could remain available to future agent sessions or workspace readers and may include sensitive operational context.
The protocol intentionally persists audit and verification reports in the workspace. This is useful and disclosed, but those reports may contain deployment details, config paths, workflow names, or excerpts from logs.
Save the upgrade write-ups and check results **inside the agent workspace** ... `kb/logs/upgrade-reports/...` ... `kb/logs/upgrade-verifications/...`
Keep archived reports free of secrets, redact sensitive identifiers where practical, and control access to the workspace logs directory.