Catch My Skill

Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill’s version-checking purpose is coherent, but its update path can run shell-based installs with unvalidated skill names and change installed OpenClaw skills.

Treat this as a review-before-use skill. The version-checking command is relatively easy to review, but avoid using the update command until skill-name validation, safe command execution, and source verification are added. Also check whether a crontab entry has been installed and remove it if you do not want background checks.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1: unvalidated skill name interpolated into shell commands

What this means

A crafted or mistyped skill name is passed straight into a shell command line, so it can inject additional shell commands, and even normal use changes the installed skills in the user's OpenClaw environment.

Why it was flagged

The update command takes a command-line skill name and interpolates it into shell commands that clone or install skills, without visible input validation, safe argument passing, or confirmation.

Skill content
const arg = process.argv[3];
...
case 'update': if (arg) updateSkill(arg);
...
execSync(`cd ~/.openclaw/workspace/skills && git clone ${repoUrl} 2>/dev/null`, { timeout: 30000 });
...
execSync(`clawhub install ${name}`, { timeout: 30000 });
Recommendation

Use argument-array APIs such as spawn/execFile instead of interpolating the name into a shell string, validate skill names against a strict slug pattern before use, require explicit confirmation before installs, and restrict updates to trusted, known skills.

Finding 2: unpinned, unverified install sources with a silent fallback

What this means

Updating through this skill may install or replace agent skills from external sources without strong assurance that the code is the intended version or from the intended owner.

Why it was flagged

The updater fetches skill code from GitHub or ClawHub by name, with no visible pinning, signature/checksum verification, version verification, or source review step.

Skill content
const repoUrl = `https://github.com/${config.githubUsername}/${name}`;
...
git clone ${repoUrl}
...
catch { execSync(`clawhub install ${name}`, { timeout: 30000 }); }
Recommendation

Pin trusted owners and versions, show the exact source before installation, verify integrity where possible, and avoid silently falling back to another install source.

Finding 3: persistent crontab job runs every 30 minutes

What this means

If installed as described, the skill may keep running checks and writing logs in the background.

Why it was flagged

The documentation describes a persistent scheduled job that runs every 30 minutes. It is disclosed and aligned with periodic version checking, but it continues operating outside the immediate user request.

Skill content
Automatically added to crontab:
...
*/30 * * * * node /path/to/catch-my-skill/index.js check >> /home/orangepi/.openclaw/logs/catch-my-skill.log 2>&1
Recommendation

Confirm whether a crontab entry is actually installed, make scheduling opt-in, and document how to disable or remove the recurring job.