Back to skill
Skillv3.0.0
VirusTotal security
BioSkills · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:38 AM
- Hash
- d3a62021a048bc751c29f09c5e513377cac0529c7876a7e89b1d0d4a378d37f6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: bioskills Version: 3.0.0 The skill bundle is an installer for bioinformatics tools. The `SKILL.md` provides clear, benign instructions without any prompt injection attempts. The `scripts/install-bioskills.sh` script clones a remote GitHub repository (`https://github.com/GPTomics/bioSkills.git`) and executes an installer script (`install-openclaw.sh`) from within it. Crucially, the script includes a strong integrity check by verifying the cloned repository's commit hash against a hardcoded `EXPECTED_COMMIT` (`fae219d8cacb7be84b96b3a99122556c1a42a47b`). This significantly mitigates supply chain risks by ensuring only a specific, verified version of the remote code is executed. All file system and network operations are consistent with the stated purpose of installing software, and there is no evidence of data exfiltration, persistence mechanisms, or other malicious intent.
- External report
- View on VirusTotal