Back to skill
Skillv1.0.0
VirusTotal security
context-not-control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:10 AM
- Hash
- d5950b2869c21c65a1f8138333ebc3ed826b864d583a35741763085dec2064c8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: context-not-control Version: 1.0.0 The skill bundle implements a 'Context, not Control' workflow that explicitly encourages granting the AI agent high levels of autonomy. The instructions in SKILL.md and references/permission-levels.md direct the agent to perform high-risk actions—such as writing and deploying code, installing system dependencies, and modifying configurations—without user confirmation when 'Master Mode' is enabled. While these capabilities are aligned with the stated architectural philosophy, they represent a significant security risk by removing human-in-the-loop oversight for potentially destructive operations. The accompanying Python scripts (e.g., scripts/permission_check.py and scripts/init_context.py) are functional and lack traditional malware traits, but the framework itself facilitates unverified execution.
- External report
- View on VirusTotal