Back to skill
Skillv1.0.0
VirusTotal security
Self-Upgrade (Tianyi) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:47 AM
- Hash
- 96024e80327121ed0f70fc9a30b32d013525bfe4ad6edeb1a9764f33718f7909
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: tianyi-self-upgrade Version: 1.0.0 The skill is designed for self-upgrade and maintenance, which involves legitimate file system modifications (reading/writing `openclaw.json`, creating backups) and executing external commands (`openclaw doctor --fix`, `npm list`). While these actions are aligned with the stated purpose, the execution of external commands and direct file system manipulation are inherently high-risk capabilities. There is no clear evidence of intentional malicious behavior like data exfiltration or backdoor installation. However, the reliance on external commands and the potential for these commands to be exploited or misused, even if unintentionally by the skill's design, elevates the classification to 'suspicious' rather than 'benign'. The `SKILL.md` explicitly defines security constraints and forbidden actions, which is a positive indicator against malicious intent, but the underlying capabilities remain risky.
- External report
- View on VirusTotal