Back to skill
Skillv0.1.0
VirusTotal security
Palest Ink - Activity Tracker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:56 AM
- Hash
- 4b4b5091a93f23c77ec5f7c02cb4a427583c175085701717a01b449e47127b1c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: palest-ink Version: 0.1.0 The OpenClaw skill 'palest-ink' is classified as suspicious due to its extensive data collection, high system privileges, and persistent execution mechanisms, even though its stated purpose is benign activity tracking. Key indicators include: 1) The `install.sh` script sets up a `launchd` agent to run every 15 seconds and configures global Git hooks (`core.hooksPath`), granting significant system-wide persistence and control. 2) The skill explicitly requests 'Full Disk Access' and 'Accessibility' permissions, enabling it to collect highly sensitive data such as web browsing history (including page content), shell commands, VS Code edits, and app focus. 3) The `collect_content.py` script performs outbound network requests to fetch content from arbitrary URLs found in the user's browsing history, a risky capability that could be exploited if the URLs themselves are malicious. While the code does not show explicit malicious intent (e.g., exfiltration to unauthorized endpoints), the broad scope of data collection and the powerful system modifications warrant a 'suspicious' classification.
- External report
- View on VirusTotal