Back to skill
Skillv0.1.1
VirusTotal security
xmind · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:00 AM
- Hash
- d8eeee791e7ec2509b5db884683bd0b353bb7cb060981d792a8b843ada83967d
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xmind-skill Version: 0.1.1 The skill bundle is designed to generate and read XMind files using a specified npm package (`xmind-generator-mcp@0.1.2`) via `npx`. The `SKILL.md` provides clear instructions for the AI agent on how to interact with the MCP server, handle user input (language, filenames, content), and manage file operations (saving to `~/Desktop` or `/tmp`). There are no instructions for data exfiltration, persistence, unauthorized remote control, or any other malicious activities. The inclusion of filename sanitization rules is a positive security practice. While potential vulnerabilities could arise from the agent's implementation of user input sanitization when converting to JSON, the skill's instructions themselves do not exhibit malicious intent.
- External report
- View on VirusTotal