Back to skill
Skillv1.0.2
VirusTotal security
Skill Combinator — Emergent Capabilities Engine · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:22 AM
- Hash
- b1656dc3027a3cbde320417690e51ff9dd1ccd2d7ceccc74db6837b53b779a93
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skill-combinator Version: 1.0.2 The skill acts as a meta-analyzer that inventories all installed skills and workspace logs to identify 'emergent capabilities.' While the intent appears helpful, it requires broad read access to the entire `/workspace/skills/` directory and core configuration files like `AGENTS.md` and `MEMORY.md`, as well as access to the `TELEGRAM_BOT_TOKEN`. The 'Weekly Distillation' logic (defined in `SKILL.md` and `cron-message.md`) processes entries from `LEARNINGS.md`, which introduces a risk of indirect prompt injection if those logs contain unsanitized data from other skills or external missions.
- External report
- View on VirusTotal