← Back to Skills Marketplace
Os Update Checker
by
Paul Frederiksen
· GitHub ↗
· v1.2.1
· MIT-0
357
Downloads
1
Stars
2
Active Installs
5
Versions
Install in OpenClaw
/install os-update-checker
Description
Check for available OS package updates with per-package changelog summaries and risk classification. Supports apt (Debian/Ubuntu), dnf (Fedora/RHEL), yum (Ce...
Usage Guidance
This skill appears to do what it says: list upgradable packages and fetch changelogs. Before installing or running it, consider: 1) Network/privacy — changelog fetches (especially npm registry calls) will send package names to remote servers; run with --no-changelog if you need a purely local check. 2) Least privilege — run the script as an unprivileged user or inside a container if you want to limit what package manager metadata can reveal. 3) Inspect the bundled script yourself (scripts/check_updates.py) if you want to confirm there are no hidden network endpoints beyond standard registries. 4) If you operate in a locked-down environment, test in a staging VM to confirm the commands used are acceptable for your policies.
Capability Analysis
Type: OpenClaw Skill
Name: os-update-checker
Version: 1.2.1
The os-update-checker skill is a well-structured, read-only utility for monitoring package updates across multiple platforms (apt, dnf, pacman, brew, npm, etc.). The code in scripts/check_updates.py follows security best practices by using subprocess.run with shell=False and validating all package names against strict regex patterns before execution. The only network activity is a legitimate request to the official npm registry (registry.npmjs.org) to fetch metadata for global packages, and the SKILL.md instructions contain no evidence of prompt injection or malicious directives.
Capability Assessment
Purpose & Capability
Name/description match the provided code and SKILL.md. The included Python script implements discovery of package managers, listing upgradable packages, fetching changelogs, and classifying risk — which is exactly the stated purpose. There are no unexpected credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md and the script are consistent about using read-only package manager commands and fetching changelogs. However, fetching changelogs (apt via apt changelog, npm registry via HTTPS) will perform outbound network requests and therefore may disclose the list of packages (or package names) to upstream servers. This behavior is documented in SKILL.md but is the primary privacy/network surface to be aware of.
Install Mechanism
There is no install spec (instruction-only skill) and the code is bundled in the skill. Nothing in the manifest downloads or executes external archives or adds persistent binaries. Risk from the install mechanism is low.
Credentials
The skill requests no environment variables or credentials, which is proportionate. It does perform network I/O (apt changelog, npm registry via urllib), which is reasonable for changelog fetching but could expose package names to remote endpoints. No elevated privileges are requested in metadata, but some package manager commands may behave differently when run as root vs unprivileged user.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify agent/system configuration. It simply runs read-only commands at invocation time.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install os-update-checker - After installation, invoke the skill by name or use
/os-update-checker - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.1
## os-update-checker 1.2.1
- Updated README.md for clearer documentation.
- No changes to functionality or code; documentation only.
v1.2.0
Add npm global packages backend: NpmBackend uses npm outdated -g --json, detect_backends() runs OS + npm in a single pass, registry metadata via stdlib urllib.request
v1.1.0
Cross-platform support: apt, dnf, yum, pacman, zypper, apk, brew. Pluggable backend architecture with per-backend name sanitization. VirusTotal-clean: shell=False, specific exceptions, full type hints and docstrings.
v1.0.1
VirusTotal hardening: removed unused imports, package name allowlist validation, split exception handlers, explicit shell=False comments, complete docstrings on all functions
v1.0.0
Initial release: apt update checker with per-package changelog summaries and risk classification
Metadata
Frequently Asked Questions
What is Os Update Checker?
Check for available OS package updates with per-package changelog summaries and risk classification. Supports apt (Debian/Ubuntu), dnf (Fedora/RHEL), yum (Ce... It is an AI Agent Skill for Claude Code / OpenClaw, with 357 downloads so far.
How do I install Os Update Checker?
Run "/install os-update-checker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Os Update Checker free?
Yes, Os Update Checker is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Os Update Checker support?
Os Update Checker is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Os Update Checker?
It is built and maintained by Paul Frederiksen (@pfrederiksen); the current version is v1.2.1.
More Skills