Back to skill
Skillv1.0.0
VirusTotal security
Incident Response · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:04 AM
- Hash
- d7427029bf7967824faffe117050caa5cbb862d9abaee2e6c6bdb6dfb102dda9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: incident-response Version: 1.0.0 The skill bundle requests high-privilege capabilities, including SSH access, cron job management, and the ability to read all historical session logs and configuration backups. While these functions are aligned with the stated purpose of 'Incident Response,' the skill provides instructions for the agent to exfiltrate system status and audit data to external messaging platforms (Signal, Telegram, Discord) as detailed in 'references/cron-template.md'. Additionally, the shell and Python snippets in 'SKILL.md' and 'references/prevention-patterns.md' lack input sanitization, which could be leveraged for command injection if the agent processes malicious user input during an investigation.
- External report
- View on VirusTotal