ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Auto Updater Litiao

v1.0.0

Schedule automatic OpenClaw and skill updates with reliable cron templates, timezone-safe scheduling, and clear summary outputs. Use for hands-off maintenanc...

0· 200·1 current·1 all-time
by@litiao1224

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for litiao1224/openclaw-auto-updater-litiao.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Openclaw Auto Updater Litiao" (litiao1224/openclaw-auto-updater-litiao) from ClawHub.
Skill page: https://clawhub.ai/litiao1224/openclaw-auto-updater-litiao
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install openclaw-auto-updater-litiao

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-auto-updater-litiao
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md only describes scheduling cron jobs that run OpenClaw and clawdhub update commands and produce summaries. No unrelated credentials, binaries, or external endpoints are requested.
Instruction Scope
Instructions ask the agent/user to detect installation type, optionally create a helper script (~/.openclaw/scripts/auto-update.sh), write logs under ~/.openclaw/logs, and add cron entries. Reading home-paths and creating local scripts is within the updater's scope but is worth noting because it creates persistent artifacts and runs package-manager and update commands.
Install Mechanism
This is an instruction-only skill with no install spec or downloaded artifacts. No external archives or installers are suggested, so there is no install-time execution risk introduced by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested beyond touching ~/.openclaw and checking common package-manager/global install locations. That access is proportional to performing local updates.
Persistence & Privilege
The skill recommends adding cron jobs and optionally creating a helper script, which gives the updater persistent, scheduled execution. The skill is not marked always:true and does not request elevated system-wide privileges; however automatic scheduled updates can cause restarts or run network-updated code, so monitor and test before enabling widely.
Assessment
This skill appears to do what it says: schedule OpenClaw + ClawHub updates and emit summaries. Before installing, do the following: 1) Run the recommended dry-run mode first to see exactly what would change. 2) Inspect the exact cron message/commands you will schedule (and the optional ~/.openclaw/scripts/auto-update.sh) so you know what will run. 3) Confirm you trust ClawHub and any sources that provide skill updates (updating skills may pull third-party code). 4) Be aware npm/pnpm/bun global updates may require elevated permissions; prefer package-manager-safe workflows or run in an isolated/test environment. 5) Ensure you have backups and a rollback plan (updates can restart gateways). If you want extra safety, pin versions, restrict updates to 'core only' initially, and monitor the created log file under ~/.openclaw/logs.

Like a lobster shell, security has layers — review code before you run it.

latestvk9775hc8e6dd7rwtfy48ezy9ds833hzz
200downloads
0stars
1versions
Updated 48m ago
v1.0.0
MIT-0
@litiao1224
latest
Download

OpenClaw Auto-Updater

Run scheduled updates for OpenClaw and installed skills using cron messages (no scripts required). Focus: safe scheduling, predictable output, and minimal manual work.

What it does

  • Runs OpenClaw updates on a fixed schedule
  • Updates all installed skills via ClawHub
  • Sends a concise, readable summary (updated / unchanged / failed)

Setup (daily updates)

Daily at 03:30 Europe/Berlin:

openclaw cron add \
  --name "OpenClaw Auto-Update" \
  --cron "30 3 * * *" \
  --tz "Europe/Berlin" \
  --session isolated \
  --wake now \
  --deliver \
  --message "Run daily auto-updates: 1) openclaw update --yes --json 2) clawdhub update --all 3) report versions updated + errors."

Weekly (Sunday 04:00)

openclaw cron add \
  --name "OpenClaw Auto-Update (Weekly)" \
  --cron "0 4 * * 0" \
  --tz "Europe/Berlin" \
  --session isolated \
  --wake now \
  --deliver \
  --message "Run weekly auto-updates: openclaw update --yes --json; clawdhub update --all; summarize changes."

Safer modes

Dry run (no changes):

openclaw cron add \
  --name "OpenClaw Auto-Update (Dry)" \
  --cron "30 3 * * *" \
  --tz "Europe/Berlin" \
  --session isolated \
  --wake now \
  --deliver \
  --message "Check updates only: openclaw update status; clawdhub update --all --dry-run; summarize what would change."

Core only (skip skills):

openclaw cron add \
  --name "OpenClaw Auto-Update (Core Only)" \
  --cron "30 3 * * *" \
  --tz "Europe/Berlin" \
  --session isolated \
  --wake now \
  --deliver \
  --message "Update OpenClaw only: openclaw update --yes --json; summarize version change."

Summary format (recommended)

🔄 OpenClaw Auto-Update

OpenClaw: 2026.2.1 → 2026.2.2 (OK)
Skills updated: 3
Skills unchanged: 12
Errors: none

Troubleshooting

  • If updates fail, include the error in the summary.
  • Schedule off-hours; updates may restart the gateway.
  • Use explicit timezones to avoid surprises.

References

  • references/agent-guide.md → deeper implementation notes
  • references/summary-examples.md → formatting examples

Comments

Loading comments...