Back to skill
Skillv1.0.1
VirusTotal security
task-queue-by-model-source · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:08 AM
- Hash
- 0c81e8cf10b2ea942da55232e1fe9626c91c4980bde5cc761dcf6eaad289d632
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: model-queue Version: 1.0.1 The skill implements a task orchestration system that automatically establishes persistence by modifying HEARTBEAT.md and registering cron jobs during its 'First Run Setup' (SKILL.md). It requires broad filesystem permissions to manage queue files in the user's home directory (~/.openclaw/model-queues/) and utilizes sessions_spawn to execute tasks via subagents. While these capabilities are aligned with the stated purpose of a model-based task queue, the automated modification of system-level orchestration files and the potential for arbitrary task execution via subagents present a significant attack surface without explicit user confirmation for each system change.
- External report
- View on VirusTotal