Back to skill
Skillv1.0.2
VirusTotal security
expanso · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:18 AM
- Hash
- 0912fba714f1ebd2c5783bc82f2a7fef1b0fbcbb869764d050f91489e7fb7e25
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: expanso-edge Version: 1.0.2 The skill is classified as suspicious due to its installation method and operational model. It uses `curl -fsSL ... | bash` and `curl -fsSL ... | sh` commands in `SKILL.md` and `INSTALL.txt` to download and execute remote scripts, which is a significant supply chain risk. Furthermore, the skill establishes a remote control mechanism by connecting a local 'Expanso Edge' node to 'Expanso Cloud' using a bootstrap token, allowing pipelines (arbitrary code/logic) to be deployed from `skills.expanso.io` and executed locally. While these actions are described as the intended functionality of the Expanso platform, they grant extensive remote code execution capabilities, posing a high risk if the Expanso infrastructure were compromised.
- External report
- View on VirusTotal