Back to skill
Skillv1.0.0
VirusTotal security
mini-swe-agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:02 AM
- Hash
- c47d7653728f8ef4f7c5e65b698e1f210adf35644a85e5b97919ead3faf67fce
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mini-swe-agent Version: 1.0.0 The skill instructs the OpenClaw agent to execute an external, undefined command named `mini` using a bash tool. The `SKILL.md` explicitly mandates the use of the `--yolo` flag, ensuring this command runs autonomously without user intervention. While the skill itself does not contain malicious code, its reliance on an external, unverified executable combined with autonomous execution creates a significant vulnerability. If a malicious `mini` binary were present in the agent's environment (e.g., via PATH hijacking or a compromised installation), this skill would facilitate its execution, posing a high risk of arbitrary code execution or system compromise.
- External report
- View on VirusTotal