Back to skill
Skillv1.0.1
VirusTotal security
RunPod pod management · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:32 AM
- Hash
- 61a3b73ca7bfc4dc083b212733678611d528b05ce0e277bc0950e5e41ff74f5b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: runpod Version: 1.0.1 The skill is classified as suspicious due to its use of high-risk capabilities, specifically the `scripts/mount_pod.sh` script. This script utilizes `sshfs` to mount the remote RunPod instance's root filesystem (`root@$IP:/`) locally, which grants extensive file system access. It also handles SSH keys (`IdentityFile`) and uses `StrictHostKeyChecking=accept-new` with a dedicated `known_hosts` file, which, while plausibly needed for managing dynamic cloud environments, represents a significant security capability. There is no clear evidence of intentional malicious behavior, data exfiltration, or prompt injection attempts against the agent; the risky behaviors are aligned with the stated purpose of managing and interacting with RunPod instances.
- External report
- View on VirusTotal