← Back to Skills Marketplace
455
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-self-update
Description
Update OpenClaw to the latest version. Use when asked to "update yourself", "upgrade openclaw", "check for updates", or "update to latest version". Handles n...
Usage Guidance
This updater appears to do only what it says: check npm, install the latest openclaw package, and restart the gateway. Before running it, verify you trust the npm 'openclaw' package owner and consider running on a test system first. Make sure Node.js/npm and the openclaw CLI are installed and in PATH (the metadata doesn't list these prerequisites). Global npm installs may require sudo and will modify system-wide packages; expect short gateway downtime while restarting. If you need stronger guarantees, inspect the package's npm page, its release notes/CHANGELOG, and verify package integrity (signatures/checksums) before performing the update on production systems.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-self-update
Version: 1.0.0
The skill is classified as suspicious due to its use of high-privilege commands and inherent supply chain risks. The `SKILL.md` and `scripts/update.sh` files instruct the agent to execute `npm install -g openclaw@latest`, which can run arbitrary code via `package.json` scripts from the installed package. Additionally, `SKILL.md` suggests using `sudo npm install -g openclaw@latest` for permission issues, indicating a privilege escalation capability. While these actions are aligned with the stated purpose of updating the OpenClaw agent, they represent significant risky capabilities that could be exploited in a supply chain attack or if the agent is compromised.
Capability Assessment
Purpose & Capability
The SKILL.md and scripts/update.sh implement exactly what the name/description promise: checking versions, running 'npm install -g openclaw@latest', restarting the gateway, and verifying the version. One minor inconsistency: metadata lists no required binaries, but both the README and the script rely on the 'npm' and 'openclaw' CLIs being present in PATH. This is an omission in metadata, not a functional mismatch.
Instruction Scope
Instructions and the script stay within the updater's scope: they check npm for the latest package, run npm to install, restart the gateway, and show a changelog hint. The script does not read unrelated system files, access other environment variables, or send data to third-party endpoints beyond the normal npm registry.
Install Mechanism
There is no separate install spec; the updater uses the system's npm to fetch the package from the npm registry. This is expected for an npm-based update, but it means the operation will fetch and execute code from the public npm registry — verify the package's publisher and integrity before running on production systems.
Credentials
The skill declares no environment variables or credentials and the script does not attempt to read secrets. It does, however, assume privileges to perform a global npm install (may require sudo) and to start/stop the gateway. Those privilege requirements are proportional to updating a globally installed CLI and restarting its service.
Persistence & Privilege
always is false, the skill is user-invocable and does not request persistent presence or modify other skills' configurations. It does restart the OpenClaw gateway as part of its normal operation, which is appropriate for applying updates.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-self-update - After installation, invoke the skill by name or use
/openclaw-self-update - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Auto-update OpenClaw via npm with version check, gateway restart, and verification
Metadata
Frequently Asked Questions
What is OpenClaw Self-Update?
Update OpenClaw to the latest version. Use when asked to "update yourself", "upgrade openclaw", "check for updates", or "update to latest version". Handles n... It is an AI Agent Skill for Claude Code / OpenClaw, with 455 downloads so far.
How do I install OpenClaw Self-Update?
Run "/install openclaw-self-update" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Self-Update free?
Yes, OpenClaw Self-Update is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Self-Update support?
OpenClaw Self-Update is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Self-Update?
It is built and maintained by jchen0824 (@jchen0824); the current version is v1.0.0.
More Skills