Back to skill
Skillv1.0.3
VirusTotal security
gog-restricted · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:45 AM
- Hash
- 2e70316de5b62d90c563a3a52861723ac78871f696ba8700e2ac18f93b1d5cb1
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: gog-restricted Version: 1.0.3 This skill is designed with strong security controls to restrict access to the Google Workspace CLI (`gog`). The `SKILL.md` explicitly warns the AI agent against prompt injection, instructing it to ignore malicious directives found in email/calendar content and attachments. The `script/setup.sh` installs a robust shell wrapper that enforces an allowlist of commands and blocks sensitive flags (e.g., `--attendees` for `calendar create`) to prevent data egress. The wrapper's argument parsing is conservative, and there is no evidence of malicious intent such as data exfiltration, unauthorized persistence, or remote control. The use of `sudo` in `setup.sh` is for the legitimate purpose of installing the security wrapper.
- External report
- View on VirusTotal