Back to skill
Skillv0.1.9
VirusTotal security
Cyber Security Engineer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:57 AM
- Hash
- 7252dac882e4ee4ec7390853b0336ce22e0c1af18128014621ba33a3a45e5a0d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cyber-security-engineer Version: 0.1.9 The skill implements a security governance framework that includes high-risk capabilities such as shadowing the system `sudo` binary via a runtime hook (`scripts/install-openclaw-runtime-hook.sh`) and modifying macOS LaunchAgent configurations to alter the system `PATH`. It also features a notification utility (`scripts/notify_on_violation.py`) that can execute external binaries and scripts that perform broad system monitoring of network ports and egress connections. While these actions are aligned with the stated goal of security hardening and the code includes defensive measures like environment scrubbing and input sanitization, the inherent risk of intercepting privileged execution and accessing sensitive configuration files (`~/.openclaw/openclaw.json`) warrants a suspicious classification.
- External report
- View on VirusTotal