Back to skill
Skillv0.9.4
VirusTotal security
Agent Squad 0.9.4 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:37 AM
- Hash
- 223aac0248d7e1aa98cb3cb37a7b2e55e201c20224c0239f8df55c8c5a8ecc2e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-squad Version: 0.9.4 The skill manages autonomous AI coding agents that run in the background using tmux and openclaw cron for persistence. It explicitly configures these agents to operate in 'full-auto mode' by bypassing security sandboxes and permission prompts (e.g., using --dangerously-skip-permissions and --dangerously-bypass-approvals-and-sandbox in squad-start.sh). While these high-risk capabilities are aligned with the stated purpose of 24/7 background coding, the lack of human-in-the-loop approvals and the use of automated persistence mechanisms for autonomous execution constitute significant security risks.
- External report
- View on VirusTotal