Back to skill
Skillv1.0.0
VirusTotal security
TeamWork · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 3:48 AM
- Hash
- e102464953e056efdd381d9c5790961825a9693af254f92888c4460fde968f2c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: teamwork Version: 1.0.0 The 'teamwork' skill is classified as suspicious due to its inherent high-risk capabilities, which include managing AI provider API keys, performing file system operations for configuration, and orchestrating complex multi-agent tasks. While these actions are central to the skill's stated purpose and there is no direct evidence of malicious intent (e.g., data exfiltration to unauthorized endpoints, malicious command execution, or obfuscation), the extensive control over sensitive credentials and agent behavior presents a significant attack surface. The `SKILL.md` instructs the OpenClaw agent to handle API keys (stored as environment variable references in `providers.json`) and to display configuration, which could lead to information leakage if the agent's runtime resolves these environment variables before displaying them to a potentially untrusted user. The skill's complexity and powerful functionality, even when aligned with its stated purpose, elevate its risk profile beyond benign.
- External report
- View on VirusTotal