Skill v1.0.0

VirusTotal security

Openclaw Action · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 3:49 AM
Hash
e5888e2c2bb8034bea525d9751ce52eefd9cedd37de8dfbac69447d34ca55b9c
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: openclaw-action
Version: 1.0.0

The skill bundle is classified as suspicious due to a significant supply chain vulnerability. The `action.yml` file uses `curl -sL` to download and execute Python scanner scripts (sentry.py, bastion.py, egress.py) directly from `raw.githubusercontent.com` on the `main` branch of external repositories (e.g., `https://raw.githubusercontent.com/AtlasPA/openclaw-sentry/main/scripts/sentry.py`). This practice lacks version pinning or integrity checks, making the action highly susceptible to compromise if any of the upstream repositories are maliciously modified. While the stated purpose and the orchestrating `scripts/scan.py` appear benign, this unverified external code execution introduces a critical risk, allowing potential future malice without direct evidence of intentional self-exploitation within this bundle.