sys-updater

Warn. Audited by ClawScan on May 10, 2026.

Overview

This updater's behavior is mostly aligned with its stated purpose of system maintenance, but it can make scheduled package and agent-skill changes, and some of its documentation understates or conflicts with those automatic changes.

Install only if you intentionally want autonomous system maintenance. Before scheduling it, verify the sudoers rules do not allow more than you expect, decide whether planned apt/npm/brew upgrades should ever run automatically, and consider disabling or quarantining OpenClaw skill auto-updates.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If sudo permissions are broader than the documented safe subset, the skill could change installed system packages automatically based on its planned state.

Why it was flagged

The code can attempt root-level apt package installation for planned packages, while the documented sudoers scope says only update, simulation, and unattended-upgrade are allowed and says no package installation/removal through sudo.

Skill content

log.info("Running: sudo apt-get install -y %s", " ".join(targets))
cp = sh(sudo_cmd(["apt-get", "install", "-y", *targets]))

Recommendation

Keep sudoers limited to the documented commands unless you explicitly want apt installs; if planned apt installs are intended, document them clearly and require explicit user approval before enabling.

What this means

A bad or compromised skill update could alter the agent’s behavior without the user reviewing the new skill version first.

Why it was flagged

Automatically updating OpenClaw skills can change future agent behavior, and this path explicitly skips the quarantine/review model used for other non-security updates.

Skill content

skills: auto-update immediately (no quarantine)

Recommendation

Disable immediate skill auto-updates by default, pin skill versions, or add the same quarantine/review and rollback controls used for package updates.

What this means

A user may install or schedule the skill believing it only reports non-security updates, when some paths can apply planned updates automatically.

Why it was flagged

This safety claim conflicts with other provided artifacts that describe applying planned npm/brew upgrades and code that attempts planned apt installs.

Skill content

Security updates are applied automatically via `unattended-upgrade`, but non-security upgrades are never applied automatically—only tracked and reported.

Recommendation

Align all documentation with actual behavior and clearly separate report-only, auto-review, and auto-upgrade modes.

What this means

Once scheduled, the updater can keep running daily and apply approved/planned changes in the background.

Why it was flagged

The skill is intended to run persistently on a schedule. This is disclosed and purpose-aligned, but it means maintenance actions continue without an interactive prompt each time.

Skill content

Requires 4 cron jobs:
1. `run_6am` ...
4. `upgrade_3d` — T+3 days 06:00 MSK (apply planned)

Recommendation

Review cron/systemd/OpenClaw schedules, start with dry-run/report-only operation, and monitor logs and state files.