Back to skill
Skillv2.0.0
VirusTotal security
ClawScan · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:18 AM
- Hash
- 045707186d89c12cd2c8e51c2a5e9f80231d819ca632c7ef010f83a041a86de7
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawscan Version: 2.0.0 The skill bundle implements a security scanner for OpenClaw skills. All files, including the `SKILL.md` instructions and the `scripts/skillguard.py` code, consistently describe and execute a tool designed to detect malicious patterns in *other* skills. The `SKILL.md` explicitly details the types of risks (e.g., code execution, credential theft, persistence) that the scanner *looks for*, not actions the skill itself performs. The Python script uses `subprocess` to interact with the `clawhub` CLI to fetch skills into temporary directories for analysis and scans local or installed skills, which are legitimate operations for its stated purpose. There is no evidence of intentional harmful behavior, data exfiltration, persistence, or prompt injection against the agent to perform unauthorized actions.
- External report
- View on VirusTotal