Back to skill
Skillv1.5.0
VirusTotal security
Travel Concierge CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:23 AM
- Hash
- ce4619b280bbaedcb53dda5fb47d23ed601a4e13dbdd8db99340c4a509db3060
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: concierge Version: 1.5.0 This skill is classified as suspicious due to its significant high-risk capabilities, even though they appear to be aligned with its stated purpose. Key indicators include the automatic startup of `ngrok` to expose a local service to the internet, the storage and use of multiple sensitive API keys (Twilio, Deepgram, ElevenLabs, Anthropic, Google Places, ngrok), and the execution of local binaries (`ffmpeg`, `ngrok`, `concierge server`). These capabilities, detailed across `SKILL.md`, `CALL-SETUP.md`, and `README.md`, present a substantial attack surface and potential for misuse, despite the lack of clear evidence of intentional malicious behavior in the provided files.
- External report
- View on VirusTotal