Back to skill
Skillv1.0.0
VirusTotal security
Sentiment Radar · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:32 AM
- Hash
- 22cdcf32a6b80f35be616dfab41839c4aecbd0277cc5197cca13a6528b368ce7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: sentiment-radar Version: 1.0.0 This skill is classified as suspicious due to its reliance on external, user-installed code from GitHub (`MediaCrawler` in `SKILL.md` and `xhs_crawler.py`), which introduces supply chain risks. It also utilizes powerful capabilities such as `exec(background=true)` for background process execution (SKILL.md), programmatic modification of another skill's configuration file (`base_config.py` in `xhs_crawler.py`), and direct browser automation via Chrome DevTools Protocol (`connect_over_cdp` in `dy_scrape.py`). While these actions are plausible for a web scraping and analysis tool, they represent high-privilege operations that could be exploited or misused if the external dependencies were compromised or if the agent were prompted to deviate from its intended purpose. There is no clear evidence of intentional malicious behavior like data exfiltration to external endpoints or persistence mechanisms.
- External report
- View on VirusTotal