Skillv1.0.0

VirusTotal security

Mediator · External malware reputation and Code Insight signals for this exact artifact hash.

SuspiciousApr 30, 2026, 3:48 AM

Hash: 1ef7752f155d27da3735ba79d421ed52d44f62a7f635793be6af2e23f075ef38
Source: palm
Verdict: suspicious
Code Insight: Type: OpenClaw Skill Name: mediator Version: 1.0.0 The skill is classified as suspicious due to its heavy reliance on external, unverified CLI tools (`gog-read.sh`, `imsg`, `llm`) for core functionality, as seen in `scripts/process-email.py`, `scripts/process-imessage.py`, and `scripts/summarize.py`. While `subprocess.run` with a list of arguments mitigates direct shell injection at the point of invocation, the internal handling of user-controlled input (like sender email or phone number) by these external tools is unknown and could introduce command injection vulnerabilities. Additionally, the use of `os.system` for `pyyaml` dependency installation in `scripts/config-helper.py`, `scripts/process-email.py`, and `scripts/process-imessage.py` is a general security anti-pattern, even if the specific arguments are hardcoded. There is no clear evidence of intentional malicious behavior like data exfiltration to arbitrary external endpoints or backdoor installation, but the identified vulnerabilities and high-risk dependencies warrant a 'suspicious' classification.
External report: View on VirusTotal