Back to skill
Skillv1.0.0
VirusTotal security
Vendor Performance Audit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:59 AM
- Hash
- 67a4948a42dc1971e0e93357382925f363fc05327c221d03b6ac09efa0ab1d65
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: vendor-performance-audit Version: 1.0.0 The skill bundle defines a legitimate vendor performance audit process. However, the `SKILL.md` file instructs the AI agent to "Pull ticket data, delivery logs, or incident records." While this is plausibly needed for the stated purpose, it implies the agent requires access to potentially sensitive internal systems and data sources. This represents a significant risky capability that, if not properly secured by the OpenClaw platform or the agent's execution environment, could lead to unauthorized data access or exposure, classifying it as suspicious rather than benign due to the inherent risk of such data access capabilities.
- External report
- View on VirusTotal