Back to skill
Skillv1.0.3
VirusTotal security
Ai Cli Orchestrator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:29 AM
- Hash
- d86547cb5b9c29df14e19019b52a9946f14b687cd56e21ed00d87f302318b4ca
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ai-cli-orchestrator Version: 1.0.3 The skill bundle functions as an orchestrator for multiple AI CLI tools, requiring high-privilege access such as sourcing the user's `~/.zshrc` and scanning for credentials in `.env` files (`SKILL.md`, `scripts/scan_ai_tools.sh`). While no explicit data exfiltration or malicious payloads were identified, the broad system access and the instruction for the AI agent to verify API keys by executing CLI commands create a significant attack surface for credential theft or unauthorized execution.
- External report
- View on VirusTotal