Back to skill
Skillv1.0.2
VirusTotal security
Wolverine — Self-Healing Process Manager · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 9, 2026, 3:11 PM
- Hash
- 2b0d1d29fbf6878ba49f02b2c12557b2246a1fba02269b0611ae539a392295a1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wolverine-ai Version: 1.0.2 The skill implements a 'self-healing' mechanism that uses AI to automatically diagnose crashes and modify source code. This architecture is inherently high-risk as it creates a significant surface for indirect prompt injection, where an attacker could trigger specific error logs to trick the AI into 'fixing' the code with a backdoor. While SKILL.md describes extensive security features (Code Guard, Secret Redactor, and Sandboxing), the core functionality of automated code modification and execution of an external npm package (wolverine-ai) represents a major security risk in an agentic environment.
- External report
- View on VirusTotal