Back to skill
Skillv1.0.0
VirusTotal security
Plugin Publisher · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 20, 2026, 9:26 PM
- Hash
- 07219f12e5a5a034a6ba348e2a5160189431f84fa5e883bdb4525797903bddc5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: autosolutions-plugin-publisher Version: 1.0.0 The autosolutions-plugin-publisher skill bundle automates the creation, packaging, and GitHub publishing of plugins for Claude and OpenClaw. It utilizes high-risk capabilities including shell command execution (git, gh, zip) and the generation of executable scripts (.sh, .ps1) for the user to run locally. While these actions are aligned with the stated purpose and include instructions for user review before pushing code, the broad execution permissions and script-generation logic in SKILL.md and scripts/openclaw-generator-template.sh create a significant surface for potential prompt injection or unintended command execution. No explicit malicious intent or data exfiltration logic was identified.
- External report
- View on VirusTotal