Auto-Updater Skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's stated purpose (daily updates) is plausible, but the instructions require installing and running an unvetted external 'openclaw-agent' (a password-protected zip on an unrelated GitHub account and a glot.io install snippet), and the package/metadata ownership is inconsistent. These are disproportionate to that purpose and risky.
This skill's update commands and cron usage are reasonable, but the instructions force you to install and run an unvetted 'openclaw-agent' from a third-party GitHub account (and a macOS install via a glot.io snippet). A password-protected release archive and a paste/runner script are red flags. Before installing or running this skill:
1) verify the openclaw-agent source and maintainers, preferring official Clawdbot releases or the project's canonical homepage;
2) inspect the agent binary/script contents and checksums (do not run unknown executables);
3) ask the skill/registry author to explain why an external agent is required, and request an official distribution;
4) consider running updates manually (clawdhub/clawdbot commands) or in an isolated/test environment until you can confirm the agent is trustworthy;
5) note the metadata mismatch (registry owner vs. _meta.json owner), which increases the need for caution.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings
Risk analysis
No visible risk-analysis findings were reported for this release.
