Back to skill
Skillv0.1.0
VirusTotal security
Inspirai Project · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:27 AM
- Hash
- 448614cc01650d2ce2d58036dd05e5f81c87ee2542c722ade3076996d335310b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: inspirai-project Version: 0.1.0 The skill bundle facilitates multi-agent project management by interacting with the Discord API, which requires reading sensitive bot tokens from `~/.openclaw/openclaw.json`. The helper script `discord-threads.py` includes a `config` command that prints the plaintext token to stdout, posing a risk of credential exposure to the agent's logs or output. While the functionality is clearly aligned with the stated purpose and includes safety steps like requiring user confirmation before execution, the combination of credential access, local file system reads, and network interaction with `discord.com` constitutes a high-risk profile.
- External report
- View on VirusTotal