auto-updater
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- Persistence Mechanisms (HIGH): The skill documentation and metadata describe creating a cron job (`0 4 * * * ~/update-openclaw.sh`) to ensure the update script runs daily at 4 AM. This establishes persistence on the host system, a technique often used by malware to maintain control or execute payloads across sessions.
- Unverifiable Dependencies & Remote Code Execution (MEDIUM): The command `openclaw update.run` is designed to download and execute code from a remote source to update the agent. This creates a supply-chain risk where a compromise of the update server would lead to the execution of malicious code on the user's machine.
- Time-Delayed / Conditional Attacks (MEDIUM): The use of a scheduled cron job gates the execution of potentially sensitive commands (stopping/starting services and running updates) to a specific time (4 AM), which can be used to hide malicious activity during low-monitoring periods.
- Command Execution (LOW): The skill invokes several shell commands including `openclaw gateway stop`, `openclaw update.run`, and `openclaw gateway start` via a generated shell script located in the user's home directory.