Back to skill
Skillv0.1.2
VirusTotal security
BYR CLI Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:09 AM
- Hash
- 245fc5826db2b720872bf9d61c0956777e94caa37eb91ea54909e960e8906f84
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: byr-cli Version: 0.1.2 The skill is classified as suspicious primarily due to the `byr auth import-cookie --from-browser` command described in `SKILL.md`. This command allows the `byr` CLI to access sensitive browser authentication cookies (from Chrome/Safari), which is a high-risk capability. While the skill's instructions frame this as a legitimate method for authenticating the `byr` CLI and include safeguards for other operations (e.g., dry-run for downloads), exposing a command that can read browser credentials, even for its stated purpose, presents a significant security vulnerability if the `byr` binary itself is compromised or if the agent is later prompted to misuse this capability for exfiltration. There is no clear evidence of intentional malicious behavior (e.g., instructions for data exfiltration or persistence) from the skill's instructions themselves, but the inherent risk of this capability makes it suspicious.
- External report
- View on VirusTotal