Back to skill
Skillv1.0.0
VirusTotal security
Bambu Lab 3D Printer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:48 AM
- Hash
- f389ce8ccdcf2eab8e3cc8a496f9d0d6b7a6c3dec883603fc54f74a7581ec2c5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: bambu Version: 1.0.0 The skill is classified as suspicious primarily due to the instruction to install an external npm package globally (`npm i -g @versatly/bambu`) as a prerequisite. This introduces a significant supply chain vulnerability, as the integrity and behavior of this third-party package are not verifiable within the provided skill bundle. Additionally, the skill handles sensitive printer access credentials, allows local file system access for uploading files, and enables raw G-code execution, which are powerful capabilities that, while necessary for the stated purpose of 3D printer control, could be exploited if the agent or the external package were compromised. There is no direct evidence of malicious intent within the `SKILL.md` instructions themselves, but the inherent risks warrant a 'suspicious' classification.
- External report
- View on VirusTotal