Back to skill
Skillv3.2.1
VirusTotal security
Explore Maldives · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 9, 2026, 2:36 AM
- Hash
- 8d7ede0074ad2ad7db126328edcc7be7b0df0ac2f9a8547cc4dd382c4a0f5a75
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: explore-maldives Version: 3.2.1 The skill mandates the global installation of an external npm package (`@fly-ai/flyai-cli`) and forces the agent to execute shell commands to install it if missing (SKILL.md, references/fallbacks.md). While these actions are aligned with the stated goal of providing real-time travel data, the requirement for high-privilege system modifications and the use of forceful 'Critical Execution Rules' to override the agent's default behavior represent a significant risk and a potential vector for supply chain attacks.
- External report
- View on VirusTotal