Back to skill
Skillv2.0.0
VirusTotal security
Cobra Claw - Strike First. Strike Hard · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:17 AM
- Hash
- 47677a3792a4b0d4a3e2a301035217f5418fe51fa04554757e82e2ec4f5bd4fc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cobraclaw Version: 2.0.0 The skill bundle is classified as suspicious due to the use of `eval "$1"` within the `count_test` function in `test-skill.sh`. While currently used with hardcoded, trusted strings, `eval` is an inherently dangerous function that represents a significant vulnerability (potential RCE) if the input to `count_test` were ever derived from untrusted sources. This constitutes a risky capability without clear malicious intent, aligning with the 'suspicious' classification rather than 'malicious' or 'benign'.
- External report
- View on VirusTotal