Back to skill

Security audit

Auto-Updater (Gateway)

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about auto-updating, but it sets up persistent unattended jobs that can update all installed skills and optionally update or restart Clawdbot.

Review before installing. Replace all paths and the Telegram recipient, prefer report-only checks first, require manual approval before updating Clawdbot or restarting services, and confirm you know how to list, pause, or delete the Gateway cron job.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Self-Modification

High
Category
Rogue Agent
Content
- `clawdbot --version`
- `clawdhub list` (skills + versions)

2) Update skills
- `clawdhub update --all`

3) (Optional) Update Clawdbot
Confidence
96% confidence
Finding
Update skill

Self-Modification

High
Category
Rogue Agent
Content
- `clawdhub update --all`

3) (Optional) Update Clawdbot
- Only if the owner explicitly wants self-updates.
- After updating, run `clawdbot doctor --non-interactive`.
- Restart gateway if required.
Confidence
98% confidence
Finding
self-update

Self-Modification

High
Category
Rogue Agent
Content
- **Timezone field:** in Gateway job objects this is `schedule.tz` (IANA tz like `Europe/Stockholm`).
- **Delivery:** Prefer explicit `channel` + `to` so the job always reaches you.
- **Clawdbot self-update:** can be disruptive (restarts). Run at a quiet time.

## Troubleshooting
Confidence
90% confidence
Finding
self-update

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.