Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed. The skill's instructions are consistent with its s
Security
High Risk
Quality
Watch · 62
Install
manual only
Audit version
audit-standard-v2
Source metrics come from upstream registries/repositories. Platform metrics come from user actions on SkillTrust and are protected by dedupe/rate-limit anti-abuse rules.
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed. The skill's instructions are consistent with its stated purpose (setting up a daily cron job to update Clawdbot and installed skills); it does not request extra credentials or install arbitrary code itself, but auto-applying updates carries operational risk (trust in the registry and permissions). This skill is internally coherent and does what it says: it will create a script and add a daily cron job that runs 'clawdbot' and 'clawdhub' update commands and then message you a summary. Before installing, consider: 1) Auto-updates implicitly trust the registry and update channels — if the registry or an updated package is malicious you could auto-install it; consider using dry-run ('clawdhub update --all --dry-run') or limiting updates to specific skills. 2) Global package updates (npm/pnpm/bun) may require elevated permissions; avoid running the cron job as root. 3) The script/logs are placed in ~/.clawdbot/ — review and backup before enabling. 4) Confirm clawdbot and clawdhub are present and working locally. 5) If you want tighter control, run updates manually or weekly, or configure the cron job to notify you for manual approval. If you want me to propose a safer variant (e.g., dry-run + email/notification for approvals, or limited-scope updates), I can produce the modified SKILL.md and cron commands.
• Add explicit When to Use / Guidelines sections.
• Provide at least one concrete input-output example.
• Publish versioned changelog and update cadence.
• Document compatibility and breaking-change policy.
• Expand capability limits and boundary conditions.
Is this a security certification?
No. SkillTrust audit is advisory and should be combined with your own review controls.
Can I install directly from this page?
No one-click install is provided. Use command guidance and run in your controlled environment.
Automatically checks for and applies updates to Clawdbot and all installed skills once daily via cron. Sends the user a message summarizing what was updated and any issues encountered.
Official source did not expose a direct install command.
Open official docsInstall method: instruction-only
Quick install
Quick preflight
Read source docs and verify prerequisites manually.Preflight checks
Post-install signal
Installed successfully? Send an activation signal to improve ranking quality over time.
Audit score 60 / 100. Risk guidance is advisory only; review evidence before install.
• Add troubleshooting and FAQ for common failures.
• Improve discoverability through verified source channels.
• Publish usage examples to increase activation quality.
• Reduce shell/file/network scope and document least privilege.
• Expose explicit provenance, dependency pinning, and security notes.
• Provide structured install + rollback steps for each supported agent.
• Mark official/verified status and keep metadata timestamps fresh.
Moderately fresh; review release notes before install.
Audit guidance: 60 / 100 · high
Scores with similar values can still differ in confidence; use evidence and risk lines below for final install judgment.
Risk 60 · Δ +0 · Findings 5
Apr 3, 2026 · auto
Latest high risk result from audit-standard-v2.