Back to skill
Skillv1.0.0
VirusTotal security
skill-refiner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:15 AM
- Hash
- 37446547783717aa5374ff3e1fafde32967a8ec4316f65f8b1063b7959a4e5a8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skill-refiner Version: 1.0.0 The skill-refiner bundle is designed to audit and fix OpenClaw skills for compliance. While its core scripts (`audit_skill.py`, `find_skills.sh`) are purely analytical, the `SKILL.md` contains explicit instructions for the AI agent to perform high-risk file system operations, including deleting files (e.g., `README.md`, `CHANGELOG.md`), moving skill directories to a new location (`~/.openclaw/workspace/skills/`), and renaming directories. These actions, though aligned with the stated purpose of 'fixing' skills, represent significant capabilities for modifying the workspace. There is no clear evidence of malicious intent (e.g., data exfiltration, backdoor installation), but the broad file system access and modification instructions make it a powerful administrative tool that could lead to unintended data loss or system changes if misused or if the agent's interpretation is flawed, classifying it as suspicious due to these risky capabilities.
- External report
- View on VirusTotal