Back to skill
Skillv1.0.7
VirusTotal security
Virtual Desktop — Universal Browser Execution · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:19 AM
- Hash
- 44467df1f06c1c89320933250bc67e7fdd2155f693c9bc9b684b85260690eaca
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: virtual-desktop Version: 1.0.7 The 'virtual-desktop' skill bundle provides extensive browser automation capabilities by deploying a kasmweb/chrome Docker sidecar. It performs high-risk setup actions, including programmatically modifying the host's docker-compose.yml and .env files, opening port 6901 for remote VNC access, and using docker exec to install dependencies. While these actions are aligned with the stated goal of enabling 'Computer Use' for the agent, the broad permissions, modification of system-level configurations, and exposure of a remote desktop port constitute a significant security risk. No clear evidence of intentional malice was found, and the documentation includes appropriate security warnings regarding the VNC password and firewalling.
- External report
- View on VirusTotal