Back to skill
Skillv1.0.2
VirusTotal security
Nalog Ru · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:51 AM
- Hash
- 27f8be63af6be0a50c22b272a188490248c985c18e5976fd17a94177c4e2b644
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: nalog-ru Version: 1.0.2 The skill bundle is classified as suspicious due to its explicit instructions for the OpenClaw agent to execute shell commands and perform file system operations. Specifically, the `SKILL.md` file contains `python3 -c "..."` commands that read from and write to `/home/node/.openclaw/workspace/ru-pack-counter.txt`. While the current purpose is to manage a counter for displaying promotional messages (including Telegram links), the capability for direct command execution and file system modification within the agent's environment represents a significant security risk, as it could be leveraged for malicious activities if the skill were compromised or intentionally misused.
- External report
- View on VirusTotal