← 返回 Skills 市场
260
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install muguozi1-openclaw-auto-updater
功能描述
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of w...
安全使用建议
This skill appears to do what it says (set up daily updates), but review and test before enabling automatic runs. Actions to take before installing/enabling:
- Confirm provenance: the package metadata and registry header conflict (source unknown vs _meta.json claiming OpenClaw GitHub). Verify the repository URL and author outside the registry.
- Inspect the auto-update script it would create (~/.clawdbot/scripts/auto-update.sh) and run it manually in dry-run mode first (SKILL.md suggests `clawdhub update --all --dry-run`).
- Fix or confirm CLI names: docs mix 'clawhub' and 'clawdhub' and use 'clawdbot'; ensure the correct binaries exist on your system (run `which clawdbot`, `which clawdhub`/`clawhub`). The examples/scripts call 'clawhub' while docs call 'clawdhub' — this may be a typo that causes failures.
- Check filesystem and permission implications: global package updates (npm -g / pnpm -g / bun) may require elevated privileges and can modify globally installed packages — ensure you understand and have backups or ways to rollback.
- Run the commands manually or with `--dry-run` first to confirm expected output and that summaries/parsing are correct.
- If you will enable automatic delivery to external providers (Telegram, etc.), ensure tokens/credentials are provided separately and securely; the skill does not declare or require them.
Given the inconsistencies and the fact the skill runs system-level update commands, treat it as trusted only after manual verification and a successful dry-run. If you are uncertain about the origin, prefer manual update workflows instead of enabling automatic cron-based updates.
功能分析
Type: OpenClaw Skill
Name: muguozi1-openclaw-auto-updater
Version: 1.0.0
The skill is designed to automate system-wide updates for the OpenClaw agent and its installed skills by setting up a daily cron job. It utilizes high-risk capabilities including shell execution for package managers (npm, pnpm, bun), system-level updates (clawdbot update), and automated configuration changes (clawdbot cron add). While these actions are explicitly aligned with the stated purpose of an auto-updater, the inherent risk of automated code execution and system modification via cron qualifies it as suspicious under the provided criteria, despite the lack of clear malicious intent or evidence of data exfiltration.
能力评估
Purpose & Capability
The skill's stated purpose (daily auto-update of Clawdbot and skills) matches the provided instructions (cron job, npm/pnpm/bun/git update flows and clawdhub update). However metadata and provenance are inconsistent: registry header lists 'Source: unknown' and 'Homepage: none' while _meta.json/repository point to GitHub and author is 'OpenClaw Team' — this mismatch reduces trust. Also the code/docs reference multiple CLIs (clawdbot, clawdhub, clawhub, clawdhub) which is inconsistent and could cause failures.
Instruction Scope
SKILL.md and references instruct the agent/user to create scripts in the user's home (~/.clawdbot/scripts/auto-update.sh), write logs, and run package manager commands that modify system-global packages (npm update -g, pnpm, bun) and run 'clawdhub update --all'. The instructions reference commands (clawdhub / clawhub / clawdbot / clawdhub) that are not declared in requires.* metadata. The skill thus instructs actions that touch system state and external network resources (package registries, git), which is expected for an updater but warrants careful review before enabling automatic runs.
Install Mechanism
No install spec (instruction-only) and no download/extract steps are present; that is lower-risk from an installer perspective. The delivered files are docs and small helper scripts (examples/test) which are benign, but the runtime instructions will execute external CLIs already present on the system.
Credentials
The skill requests no environment variables or credentials. Customization prompts mention provider delivery (e.g., Telegram) but do not require or declare API tokens. This is proportionate to an auto-update utility — it needs CLI availability and filesystem permissions rather than secrets.
Persistence & Privilege
always is false and the skill does not request persistent privileged presence. It instructs creating a per-user cron job and a per-user script (writes under the user's home), which is appropriate for a user-level auto-updater. No evidence it modifies other skills' configs or system-wide agent settings beyond the described cron job.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install muguozi1-openclaw-auto-updater - 安装完成后,直接呼叫该 Skill 的名称或使用
/muguozi1-openclaw-auto-updater触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
auto-updater 1.0.0
- Initial release.
- Automatically checks for and installs updates for Clawdbot and all installed skills once daily via cron.
- Sends the user a summary report of updates applied and any issues encountered.
- Includes clear setup instructions, configuration options, and troubleshooting guidance.
元数据
常见问题
Muguozi1 Openclaw Auto Updater 是什么?
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 260 次。
如何安装 Muguozi1 Openclaw Auto Updater?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install muguozi1-openclaw-auto-updater」即可一键安装,无需额外配置。
Muguozi1 Openclaw Auto Updater 是免费的吗?
是的,Muguozi1 Openclaw Auto Updater 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Muguozi1 Openclaw Auto Updater 支持哪些平台?
Muguozi1 Openclaw Auto Updater 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux)。
谁开发了 Muguozi1 Openclaw Auto Updater?
由 muguozi1(@muguozi1)开发并维护,当前版本 v1.0.0。
推荐 Skills