← Back to Skills Marketplace
newageinvestments25-byte

Container Update Advisor

by New Age Investments · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
120
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install container-update-advisor
Description
Check running Docker containers for newer image versions and generate a prioritized update report. Fetches release notes and flags breaking changes vs safe u...
README (SKILL.md)

Container Update Advisor

Check all running Docker containers against Docker Hub for newer versions, fetch changelogs, and output a prioritized markdown report with risk flags.

Scripts

All scripts live in scripts/ relative to this file. Run from that directory.

Script Purpose
scan_containers.py List running containers + image tags (outputs JSON)
check_updates.py Query Docker Hub for newer versions (stdin/file → JSON)
fetch_changelog.py Fetch GitHub release notes for updated images (stdin/file → JSON)
format_report.py Render prioritized markdown report (stdin/file → stdout)

Full Pipeline

python3 scan_containers.py \
  | python3 check_updates.py \
  | python3 fetch_changelog.py \
  | python3 format_report.py

To save intermediate output for debugging, pass each script's output as a file argument to the next:

python3 scan_containers.py > /tmp/c.json
python3 check_updates.py /tmp/c.json > /tmp/u.json
python3 fetch_changelog.py /tmp/u.json > /tmp/ch.json
python3 format_report.py /tmp/ch.json

Risk Assessment Logic

  • Major version bump → 🔴 review first
  • Minor version bump → 🔴 review first (may have API changes)
  • Changelog mentions "breaking" → 🔴 review first
  • Patch bump only, no breaking keywords → 🟢 safe to update

What Gets Skipped

  • Containers using latest tag (no version to compare)
  • Digest-pinned images (sha256:... tags)
  • Non-Docker Hub registries (GHCR, ECR, etc.)
  • Private images (401/403 → skipped gracefully)
  • Non-semver tags (e.g. alpine, focal, slim)

GitHub Token (Optional)

Set GITHUB_TOKEN env var to increase GitHub API from 60 → 5,000 req/hr:

export GITHUB_TOKEN=ghp_yourtoken

Reference

See references/setup-guide.md for scheduling, rate limits, and how image matching works.

Usage Guidance
This skill appears to do what it claims. Before installing or running: 1) Review the scripts locally (they are included) if you want to confirm behavior. 2) Understand it requires access to the Docker CLI/daemon (it runs 'docker ps' and 'docker info'), so it will list your running containers — treat this as sensitive metadata. 3) The tool will make outbound requests to Docker Hub and GitHub using image names and inferred repo URLs; private/internal image names may be revealed to those services if images are hosted there. 4) Only provide a GITHUB_TOKEN if you accept using that token to authenticate calls to api.github.com (no scopes are required for public repo reads, but treat tokens as secrets). 5) If you run this on a machine with sensitive or internal-only images, consider running it in a controlled environment or auditing the behavior first by running the scripts with saved intermediate JSON files to inspect what would be sent externally.
Capability Analysis
Type: OpenClaw Skill Name: container-update-advisor Version: 1.0.0 The container-update-advisor skill bundle is a legitimate tool for auditing Docker container versions. It uses standard system calls (docker ps) and public APIs (Docker Hub, GitHub) to identify outdated images and fetch release notes. The code follows security best practices, such as using subprocess with argument lists to prevent shell injection and implementing rate-limiting to avoid API abuse. No evidence of data exfiltration, malicious persistence, or prompt injection was found across the scripts (scan_containers.py, check_updates.py, fetch_changelog.py, format_report.py) or documentation.
Capability Assessment
Purpose & Capability
Name/description match the included scripts: scanning local Docker containers, checking Docker Hub tags, fetching GitHub release notes, and formatting a report. No unrelated credentials, binaries, or installers are requested.
Instruction Scope
SKILL.md explicitly instructs running the four scripts in pipeline. The scripts run the 'docker' CLI to list containers and make outbound requests to Docker Hub and GitHub APIs (expected). Note: container image names, namespaces, and tags are sent to Docker Hub/GitHub as part of the checks — this is necessary for the feature but is network-exfiltration of container metadata by design.
Install Mechanism
Instruction-only skill with bundled Python scripts; there is no install spec and nothing is downloaded from remote URLs. No archives or external install operations are performed.
Credentials
No required env vars. One optional env var (GITHUB_TOKEN) is documented and used only to increase GitHub API rate limits. No other secrets or unrelated credentials are requested.
Persistence & Privilege
Skill is not always-enabled and does not request elevated persistent privileges or modify other skills or system configuration. It runs on-demand and only executes local docker CLI commands and outbound API calls.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install container-update-advisor
  3. After installation, invoke the skill by name or use /container-update-advisor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Check Docker containers for newer image versions, fetch changelogs, flag breaking changes vs safe updates.
Metadata
Slug container-update-advisor
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Container Update Advisor?

Check running Docker containers for newer image versions and generate a prioritized update report. Fetches release notes and flags breaking changes vs safe u... It is an AI Agent Skill for Claude Code / OpenClaw, with 120 downloads so far.

How do I install Container Update Advisor?

Run "/install container-update-advisor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Container Update Advisor free?

Yes, Container Update Advisor is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Container Update Advisor support?

Container Update Advisor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Container Update Advisor?

It is built and maintained by New Age Investments (@newageinvestments25-byte); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments