Back to skill
Skillv1.0.0
VirusTotal security
Clawflows · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:12 AM
- Hash
- 3393b8668fead3af379257af7916173d6134d034888e5080b59291a2954ad6f9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawflows Version: 1.0.0 The skill instructs the agent to install the 'clawflows' CLI globally via `npm i -g clawflows` (SKILL.md), introducing a supply chain risk from the npm package. The installed CLI is designed to download and execute external automation YAML files, which can then trigger arbitrary shell commands defined within other skills' `CAPABILITY.md` files. This nested execution model, combined with external downloads and the ability to provide instructions for persistence (cron jobs), creates a significant attack surface for arbitrary code execution and potential compromise, even if no direct malicious payload is present in this bundle.
- External report
- View on VirusTotal