Back to skill
Skillv1.0.0
VirusTotal security
InspirAI API Spec · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:27 AM
- Hash
- 539e3e46057e453ce292a27d2151202877cd683016df7b0f817f593f0e22edc2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: inspirai-apispec Version: 1.0.0 The skill automates the extraction of API metadata from local source code (Go, Node.js, Python) and performs automated 'git push' operations to a remote repository. While this behavior is consistent with the stated goal of managing cross-project API documentation, the automated exfiltration of project structure, routes, and handler logic to a remote Git registry poses a significant privacy and security risk. The instructions in SKILL.md also involve broad shell command execution (find, git) and cloning external repositories, which could be exploited if the target repository or project configuration is compromised.
- External report
- View on VirusTotal