Back to skill
Skillv1.0.13
VirusTotal security
Pr Ship · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:15 AM
- Hash
- b867a8d004dc98261112436760515761b81f452621182a24e49b32e0e13ee464
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: pr-ship Version: 1.0.13 The skill is designed for local codebase analysis using explicitly read-only commands (`grep`, `find`, `ls`, `git diff`). The `SKILL.md` and `EXPLORATION-PLAYBOOK.md` contain strong guardrails, explicitly instructing the AI agent *not* to execute commands that modify files or perform build/test actions, but only to recommend them to the user. The `scripts/test-update-pipeline.sh` script, while using more powerful commands, is for testing the skill's update mechanism and includes checks that *prevent* automated `git push` or `clawhub publish` in the cron job. A 'Security Notice' in `SKILL.md` warns users about potential secret exposure in generated reports, which is a transparency measure, not an instruction for malicious exfiltration. No evidence of intentional harmful behavior (e.g., data exfiltration, persistence, unauthorized remote control) was found.
- External report
- View on VirusTotal