OpenClaw
install-then-update-trap-detector
Helps detect the install-then-update attack pattern — where a skill passes initial security review cleanly, then silently introduces malicious behavior through an automatic update that bypasses re-audit. v1.1 adds cryptographic chain-of-custody verification for update sequences.
2.8k stars
openclaw/skillsskills/andyxinweiminicloud/install-then-update-trap-detectorMarch 14, 2026
Install command
python "$CODEX_HOME/skills/.system/skill-installer/scripts/install-skill-from-github.py" --repo openclaw/skills --path skills/andyxinweiminicloud/install-then-update-trap-detectorTell me the task — I'll narrow the agent shortlist.
