Back to skill
Skillv1.1.0
VirusTotal security
Chonkie DeepResearch · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:14 AM
- Hash
- 881ebe2bdeeed8f9b846e473e4581f738cfaa21f5662778c6cc603d55652ab42
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: chonkie-deepresearch Version: 1.1.0 The skill 'chonkie-deepresearch' (SKILL.md) facilitates long-running research tasks via an external CLI tool ('chdr'). It is classified as suspicious because it instructs the agent to perform high-risk operations, including installing software via 'curl | sh' (Rustup), executing shell commands with Python one-liners for data processing, and suggesting the creation of 'cron' jobs for status monitoring. These patterns, while functional for the tool's purpose, introduce significant security risks such as shell injection (via the <QUERY> parameter) and potential persistence. No clear evidence of intentional malice or data exfiltration was found, but the execution patterns are highly privileged and lack sanitization guidance.
- External report
- View on VirusTotal