Back to skill
Skillv1.0.0
VirusTotal security
Farmos Tasks · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:21 AM
- Hash
- d0ac6841eb7ca8254fe420ecdf85887a1a27ec91935d0fb4145fbdc238503468
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: farmos-tasks Version: 1.0.0 The skill is classified as suspicious due to its explicit instructions for the AI agent to execute a shell script (`~/clawd/scripts/farmos-auth.sh`) and read a local file (`~/.clawdbot/farmos-users.json`) within the `SKILL.md` file. While these actions are stated to be for legitimate purposes (authentication and role-based access control, respectively), they represent powerful capabilities that introduce potential attack surface. There is no evidence of malicious intent such as data exfiltration or backdoor installation, and the skill includes defensive prompt injection instructions (e.g., 'Never create a task without confirming'). However, the direct invocation of shell commands and file system access, even for plausible reasons, elevates the risk beyond benign.
- External report
- View on VirusTotal