Back to skill
Skillv1.0.0
VirusTotal security
Agent Conductor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:04 AM
- Hash
- 3e369013d5171cd40a68fe95381b09f98d490f920ef3fa5f80546d24869b4df5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-conductor Version: 1.0.0 The skill bundle is classified as suspicious due to its core functionality involving the execution of arbitrary commands via `exec command:"AGENT_CMD '...'"` as described in `SKILL.md`. While this capability is central to its stated purpose of orchestrating coding sub-agents, it represents a significant security risk if the `AGENT_CMD` placeholder is configured with malicious commands or if the orchestrating agent is compromised. There is no direct evidence of intentional malicious behavior, data exfiltration, or prompt injection designed to subvert the OpenClaw agent within the provided files; rather, the risk lies in the powerful primitive it exposes.
- External report
- View on VirusTotal