Back to skill
Skillv4.0.1
VirusTotal security
Virtual Desktop Pro v4 -- Universal Browser Execution · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:29 AM
- Hash
- 6910364fb337141d57eb47a3417410fe00f0e895c592e9f1b384267dd2fe7ef3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: virtual-desktop-pro Version: 4.0.1 The skill bundle performs high-privilege system modifications, including editing the host's `docker-compose.yml` and `openclaw.json` files, and using `docker exec` to install Playwright dependencies. These actions in `SKILL.md` facilitate a persistent authenticated browser environment that stores user sessions and opens port 6901 for noVNC access, creating a significant attack surface. While the logic in `browser_control.py` for CAPTCHA solving (via `capsolver.com`) and stealth proxying (via `browserbase.com`) aligns with the stated purpose of browser automation, the level of host-level control and session persistence is inherently risky.
- External report
- View on VirusTotal