
Smart Updater

by yuanhui · GitHub ↗ · v1.1.0 · MIT-0
cross-platform · ⚠ suspicious
Downloads: 328 · Stars: 0 · Active Installs: 0 · Versions: 2
Install in OpenClaw
/install smart-updater
Description
Intelligent upgrade management for OpenClaw skills, extensions, and core. HITL (Human-in-the-Loop) mode: scan installed assets, read changelogs, analyze risk...
Usage Guidance
This skill implements an appropriate updater workflow (inventory → scan → changelog → HITL decision → gated upgrades) and includes helpful safety gates, but there are practical risks you should consider before installing or running it:
- Required tooling mismatch: The registry metadata declares no required binaries, yet the scripts call curl, unzip, npm, git, clawhub, and openclaw. Ensure those tools exist and you accept granting the skill the ability to run them.
- Untrusted mirror: The upgrade path tries a SkillHub mirror (a Tencent COS URL) and will download zips and extract them over installed code. If you do not trust that mirror or its operator, upgrades could replace local code with malicious content. Prefer code from authoritative sources (npm/GitHub/ClawHub) or require signed artifacts.
- No integrity checks: Downloads are not checksummed or signature-verified. Consider adding verification (SHA256 checksums or signatures) or restrict the skill to use only sources you control.
- Filesystem modifications: The scripts will copy, remove, and overwrite files under ~/.openclaw, perform backups, clear caches (rm -rf /tmp/jiti/), and run npm install -g / clawhub / gateway operations. Test on a non-production machine or review the scripts line-by-line to confirm behavior before running.
- Autonomous invocation risk: If you enable scheduling/autoUpgrade features, be cautious — automatic runs plus an unverified mirror increase risk. Keep autoUpgrade off or restrict to 'patch' and/or to assets you explicitly trust.
Actionable next steps:
1) Inspect the three scripts locally (inventory.sh, scan.sh, upgrade.sh) and confirm you accept each external endpoint and command.
2) If you intend to use it, pin the mirror domain or disable SkillHub mirror downloads; add checksum/signature verification in upgrade.sh.
3) Run initial scans in dry-run mode and review generated inventory.json and scan-result.json before approving any upgrades.
4) Prefer performing upgrades manually for high-risk/core assets (openclaw core, extensions) until you are confident in the upgrade path and mirror trust.
Capability Analysis
Type: OpenClaw Skill
Name: smart-updater
Version: 1.1.0
The 'smart-updater' skill provides a comprehensive framework for managing OpenClaw updates with a 'Three Gates' safety model (backup, isolation, and verification). However, it is classified as suspicious because it introduces a third-party supply chain risk by prioritizing a non-official mirror (SkillHub via a Tencent Cloud COS bucket: skillhub-1388575217.cos.ap-guangzhou.myqcloud.com) for downloading and extracting skill ZIP files in 'scripts/upgrade.sh'. While the intent appears to be performance optimization for specific regions, the execution of high-privilege operations—including global NPM installs, git pulls, and unauthenticated remote ZIP extraction—poses a significant security risk without explicit verification of the remote mirror's integrity.
Capability Assessment
Purpose & Capability
The name/description match the actual behavior: inventory, scan, changelog fetch, risk assessment, and upgrade. However, the registry metadata says 'no required binaries' while the shipped scripts clearly call many external commands (curl, unzip, npm, git, clawhub, openclaw, etc.). That mismatch (declaring zero required binaries but using many) is an incoherence — an operator must have those tools available for the skill to run correctly.
Instruction Scope
SKILL.md instructs the agent to run the included scripts which read local OpenClaw config, enumerate & read SKILL.md files, contact remote registries, and — if user approves — perform destructive actions (rm -rf, cp -r, unzip over installed directories, npm install -g, clawhub update, restart gateway). This scope is consistent with an updater, but the scripts download and extract code from a remote mirror and then overwrite installed skill/extension directories without any signature or checksum verification. That lack of integrity verification increases risk.
Install Mechanism
There is no packaged install step (instruction-only / script bundle), which is low risk normally. But upgrade.sh attempts to download skill zips from a third-party SkillHub mirror hosted on a Tencent COS URL (skillhub-...cos.ap-guangzhou.myqcloud.com) and extracts them over local installs. Download+extract from an external URL without cryptographic verification (no checksums, no GPG/PKI signature checks) is high-risk behavior if you do not fully trust the mirror/origin.
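The missing integrity gate that both the Usage Guidance (step 2) and this section call for, as an added example that is not part of smart-updater's scripts: hash the downloaded archive against a value pinned by the operator before anything is unpacked, stage the extraction beside the install, and only then swap it in. It assumes the expected SHA-256 comes from a source you trust (your own config or a signed manifest, never the same mirror as the archive) and uses a .tar.gz so it runs anywhere; upgrade.sh uses zip/unzip, but the gate is the same.

```shell
#!/usr/bin/env bash
# Added example (not from smart-updater): a checksum gate in front of the
# download-and-extract step that upgrade.sh currently performs unverified.
# Assumptions: EXPECTED_SHA256 is pinned by the operator, and the archive is
# a .tar.gz (the real scripts use zip/unzip; the gate is identical).
set -eu

# Portable SHA-256: sha256sum on Linux, shasum on macOS.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_and_extract ARCHIVE EXPECTED_SHA256 DEST
# Replaces DEST only when the archive hash matches EXPECTED_SHA256.
# On mismatch it returns 1 before anything is unpacked, so DEST is untouched.
verify_and_extract() {
  local archive="$1" expected="$2" dest="$3" actual staging
  actual="$(sha256_of "$archive")"
  if [ "$actual" != "$expected" ]; then
    echo "refusing to extract $archive: sha256 $actual != $expected" >&2
    return 1
  fi
  # Unpack into a hidden staging dir beside DEST (same filesystem, so the
  # final mv is a rename) instead of extracting straight over the live install.
  staging="$(mktemp -d "$(dirname "$dest")/.staging.XXXXXX")"
  tar -xzf "$archive" -C "$staging"
  # Keep a timestamped backup of the current install for rollback.
  if [ -d "$dest" ]; then
    mv "$dest" "$dest.bak.$(date +%Y%m%d%H%M%S)"
  fi
  mv "$staging" "$dest"
}

# Typical call (hypothetical paths), with the hash pinned by the operator
# rather than fetched from the mirror that serves the archive:
#   curl -fsSL "$MIRROR_URL" -o /tmp/skill.tgz
#   verify_and_extract /tmp/skill.tgz "$PINNED_SHA256" "$HOME/.openclaw/skills/demo"
```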
Credentials
The skill does not request API keys or extra credentials and does not declare required environment variables; it does read local OpenClaw config files (e.g., ~/.openclaw/openclaw.json) and uses $HOME paths — which is expected for an updater. There are no unexplained credential requests. However, because scripts interact with system files and may invoke gateway restart and npm install -g, ensure those operations are acceptable in your environment.
Persistence & Privilege
The skill is not marked 'always: true' and is user-invocable. It can be invoked autonomously by models (disable-model-invocation=false), which is platform-default. Combined with the capability to download and overwrite code from remote mirrors, this raises the blast radius if the skill were invoked automatically or scheduled. The scripts also create backups and logs under ~/.openclaw, which is expected for an updater.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install smart-updater
  3. After installation, invoke the skill by name or use /smart-updater
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
feat: SkillHub integration
v1.0.0
v1.0.0 — Intelligent update management for OpenClaw ecosystems.
Features:
- Full asset inventory across 4 sources: npm packages, ClawHub skills, GitHub-cloned skills, and local/manual installs
- Three-source update scanning with automatic changelog fetching via clawhub inspect
- Three Gates safe upgrade framework: Pre-flight (backup + conflict check) → Isolation (atomic upgrade) → Post-flight (version verify + rollback on failure)
- Human-in-the-loop workflow: scan → read changelogs → assess risk → report → wait for user approval before any upgrade
- Cross-platform support (ARM + Intel macOS)
Safety:
- Never upgrades without explicit user approval
- Automatic backup with timestamped snapshots before any change
- Instant rollback if any gate fails
- Blocks untracked extensions (local/github) from auto-upgrade
Metadata
Slug: smart-updater
Version: 1.1.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 2
Frequently Asked Questions

What is Smart Updater?

Intelligent upgrade management for OpenClaw skills, extensions, and core. HITL (Human-in-the-Loop) mode: scan installed assets, read changelogs, analyze risk... It is an AI Agent Skill for Claude Code / OpenClaw, with 328 downloads so far.

How do I install Smart Updater?

Run "/install smart-updater" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Smart Updater free?

Yes, Smart Updater is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Smart Updater support?

Smart Updater is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Smart Updater?

It is built and maintained by yuanhui (@yuanhui); the current version is v1.1.0.
