Back to skill
Skillv1.0.0
VirusTotal security
Config Drift Scanner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 11:51 PM
- Hash
- 940fc41b929178e0b6d4946bb728590c6b9cda8d97fc38cee1fa2840d21b3218
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: config-drift-scanner Version: 1.0.0 The config-drift-scanner skill uses high-privilege shell commands (find, rg, kubectl) to recursively search for and extract sensitive configuration data, including .env files, Terraform variables, and Kubernetes ConfigMaps. While these capabilities are aligned with the stated purpose of detecting environment inconsistencies, the broad access to secrets and environment variables across the entire project constitutes a high-risk behavior. No evidence of data exfiltration or intentional malice was found in SKILL.md or _meta.json.
- External report
- View on VirusTotal