Back to skill
Skillv1.0.0
VirusTotal security
Code Optimizer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 23, 2026, 12:26 PM
- Hash
- 017471b7e104ccd3886198379e9097aba39d9f8608ba649a4a1ec1da14412161
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: code-optimizer Version: 1.0.0 The skill bundle's deployment script (scripts/deploy.sh) contains a hardcoded absolute path (/Users/apple/.openclaw/workspace/claude_optimization) as the source for its core logic, which is highly irregular for a portable skill and suggests it was not properly sanitized or is environment-specific. The script also performs intrusive system modifications, including creating symbolic links in the user's $HOME/bin directory and programmatically modifying external configuration files (hermes.yaml). While these actions are framed as integration steps for the 'Code Optimizer' tool, the reliance on external hardcoded paths and broad filesystem modifications without clear justification within the bundle itself are significant red flags.
- External report
- View on VirusTotal