Back to skill
Skillv1.0.0
VirusTotal security
Skeall Skill Builder · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:12 AM
- Hash
- 0fa20ad91bc25da9d8acf6c8f44523525343d8e48553bc549f64bce1ceab2253
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skeall Version: 1.0.0 The skill 'skeall' is designed to build, audit, and improve other Agent Skills. While its stated purpose is benign and even security-focused (it includes checks for hardcoded credentials, XML injection, and other anti-patterns in *other* skills), it possesses inherently high-risk capabilities. These include broad file system access (reading, writing, modifying skill files and platform configurations), environment variable inspection, and network calls (HTTP HEAD requests for URL validation). These capabilities, though necessary for its function, could be exploited through prompt injection against the agent or other vulnerabilities in the agent's execution environment, potentially leading to unauthorized file modification, data exfiltration, or network scanning. There is no evidence of intentional malicious behavior within the skill itself, but its powerful capabilities warrant a 'suspicious' classification.
- External report
- View on VirusTotal