Back to skill
Skillv1.0.0
VirusTotal security
Test Impact Analyzer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 2:16 AM
- Hash
- 11989235ff3d85785c1e84ba53c404723a9828aff2430f116e4c8cd5490b7141
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: test-impact-analyzer Version: 1.0.0 The skill provides a 'Test Impact Analyzer' utility using shell scripts and Python to map code changes to tests. It is classified as suspicious due to shell injection vulnerabilities in SKILL.md, particularly in the 'affected' command where the $BASE_BRANCH variable and filenames are used in shell pipes without proper sanitization. While the behavior aligns with the stated purpose, these vulnerabilities represent a risk for arbitrary command execution if the agent is prompted to process malicious branch names or file paths.
- External report
- View on VirusTotal