Back to skill
Skillv1.0.2
VirusTotal security
Cursor Agent for OpenClaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:26 AM
- Hash
- eb72e50ea60877c56d909d81a45561ab6248ed6cbe352ec816d1641a395d17c4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cursor-agent-openclaw Version: 1.0.2 The skill provides an interface to the Cursor Agent CLI, which possesses high-risk capabilities including arbitrary file modification and shell execution. While the documentation in SKILL.md emphasizes user consent and read-only defaults, the implementation in scripts/run.sh utilizes the --trust and --force flags, which bypasses internal CLI safety prompts. The presence of future-dated model versions (e.g., sonnet-4.6, gpt-5.3) in references/models.md is unusual, though no clear evidence of intentional malice or data exfiltration was found.
- External report
- View on VirusTotal