Back to skill
Skillv1.0.0
VirusTotal security
Multi-Skill Automation Suite · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:49 AM
- Hash
- c1a3151cc849f7c89a50372b7b934b8cbd08abd7faf32b9010c3c579ec836243
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: multi-skill-automation-suite Version: 1.0.0 The skill bundle is classified as suspicious due to explicit instructions in SKILL.md and README.md that create significant security vulnerabilities for the OpenClaw agent. Most notably, the 'Skill Discovery' feature is described as 'Find and install new agent skills automatically', which is a direct instruction for the AI agent to perform arbitrary code execution by installing potentially malicious skills without explicit user confirmation. Furthermore, instructions for 'Host Security Hardening', 'Firewall & SSH Management', and 'Browser Automation' grant the agent broad system-level and web interaction capabilities, increasing the attack surface if the agent is compromised or misdirected through prompt injection.
- External report
- View on VirusTotal