Back to skill
Skillv1.0.0
VirusTotal security
References · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 23, 2026, 12:56 AM
- Hash
- 742bed430e1ba0c79181a293f8e4fe6d242c25d10255f12764de41c653f2b5af
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: references Version: 1.0.0 The bundle provides a comprehensive security audit tool that accesses highly sensitive data, including SSH keys, AWS credentials, and environment variables. While its stated purpose is auditing, the 'send_report_to_feishu.py' script facilitates the exfiltration of these findings to an external webhook, and 'security_audit.py' specifically includes partial secret values (first 50 characters) in its report for shell configuration leaks. Additionally, the bundle contains unrelated scripts like 'weekly_ugc_reminder.sh' which features a hardcoded WeChat webhook (5cf9f411-d581-41ab-a899-304a418bb176), and 'monthly_payment_summary.sh' which scans for financial documents, both of which are atypical for a security audit package.
- External report
- View on VirusTotal