Scout — Software Update Advisor
Scout monitors GitHub releases for watched tools, reviews release notes, assesses risk, and recommends whether to upgrade. It never installs anything without explicit approval.
Running a Check
python3 scripts/check_updates.py
# structured output:
python3 scripts/check_updates.py --json
Config is read from ~/.config/scout/watchlist.json. Created automatically on first run with openclaw as the default.
Adding a Tool (conversational)
When a user wants to add a tool, ask for:
- GitHub repo (e.g.
owner/repo) - How to detect the installed version (command, npm, pip, or file)
Then run:
python3 scripts/add_tool.py \
--name "tool-name" \
--repo "owner/repo" \
--detect-type command \
--detect-cmd "tool --version" \
--version-prefix "v" \
--notes "What this tool does"
See references/watchlist.md for supported detect types and examples.
Verifying a Release
Before recommending any upgrade, run the issue checker:
python3 scripts/verify_release.py --repo owner/repo --since YYYY-MM-DD
Reports bug-labeled issues and regression keywords created after the release date.
Skipping a Version
When a user decides to skip an update:
python3 scripts/skip_release.py --tool toolname --version v1.2.3 --reason "why"
# list skipped:
python3 scripts/skip_release.py --list
# un-skip:
python3 scripts/skip_release.py --clear --tool toolname
Skipped versions are stored in ~/.config/scout/skip_list.json and suppressed from future check_updates.py output.
Review Workflow
For every update found, produce a full recommendation card before asking for approval:
🔔 Update: <tool name> <installed> → <latest>
Source: <GitHub repo> by <author/org>
Released: <date>
Risk: 🟢/🟡/🔴 <level>
What changed:
- <plain-language summary>
- <note security fixes, breaking changes, new permissions>
Impact on our setup:
- <what this touches in config/workflow>
- <anything requiring config changes or re-auth>
Post-release issues: <none found / list any regressions>
Recommendation: <Upgrade now / Wait / Skip>
Reason: <one sentence>
Never ask "want me to upgrade X?" without the full card. The user needs enough context to decide without prior knowledge of the tool.
Risk levels:
- 🟢 Low — patch/fix only, no config changes, no new permissions
- 🟡 Medium — new features, minor config additions, optional breaking changes
- 🔴 High — breaking changes, auth changes, schema migrations, security patches
After Approval
- Run the appropriate install command for the tool
- Validate config if applicable (
openclaw config validate) - Restart services if needed
- Confirm health
Skill Health Review
Periodically review your own skills against OpenClaw best practices:
python3 scripts/review_skills.py [--skills-dir /path/to/skills]
Checks each skill for structural issues and quality improvements. Reports findings — all changes require explicit approval before applying.
Periodic Use
Add to heartbeat or weekly cron. Recommended cadence: weekly (Sundays).