Back to skill
Skillv2.0.3
VirusTotal security
index1 Doctor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:10 AM
- Hash
- acac7df3b8980be9d58bced52564133a1a94c0682d75a953189de1b3aecab5fe
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: index1-doctor Version: 2.0.3 The skill's primary purpose is diagnostic, executing commands like `index1 doctor`, `index1 status`, and `ollama list`. However, the `SKILL.md` file contains a fix recommendation instructing the agent to suggest or potentially execute `curl -fsSL https://ollama.com/install.sh \| sh`. While `ollama.com` is a legitimate domain, recommending or executing a `curl | sh` command is a high-risk practice that introduces a significant remote code execution vulnerability, as it relies on the integrity of the remote script and could be exploited via supply chain compromise or if the agent executes it without sufficient user confirmation. This constitutes a risky capability without clear malicious intent within the provided files, classifying it as suspicious.
- External report
- View on VirusTotal