Back to skill
Skillv1.0.1
VirusTotal security
Openclaw Security · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:26 AM
- Hash
- 7ea727f003a735d9163b2f12c5896b7b03ee6547ac54ed6a2dc8d161b382ae56
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-security Version: 1.0.1 The OpenClaw Security Suite skill bundle is an orchestrator designed to install, configure, and manage other OpenClaw security tools. The `SKILL.md` and `README.md` files clearly describe its purpose and commands, with no evidence of prompt injection or hidden instructions. The `scripts/security.py` script uses `subprocess.run` to execute the `clawhub` CLI for installing/updating other skills and to run local Python scripts for the 11 security tools it manages. All commands passed to `subprocess.run` are hardcoded lists of strings, preventing shell injection from within this script. There is no evidence of data exfiltration, persistence mechanisms, or other malicious intent within this skill bundle's code or documentation. The inherent reliance on `clawhub` and other external skills introduces a supply chain risk, but this specific skill bundle itself does not exhibit malicious behavior.
- External report
- View on VirusTotal