Back to skill
Skillv1.0.3
VirusTotal security
Umbrel Proxy Manager · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 23, 2026, 12:21 AM
- Hash
- f0ecea9a29353d5d3b5fead8e3e606c42496db365210cda85ee7ea88802cdf12
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: umbrel-proxy Version: 1.0.3 The skill automates Umbrel and OpenClaw integration by discovering Docker containers and updating configurations. It exhibits high-risk behavior by executing shell commands via subprocess.run(shell=True) in discover_umbrel_services.py and update_openclaw_config.py, creating a shell injection vulnerability where container names or configuration values are used to construct commands. While the intent appears benign and aligned with the documentation, the combination of broad system access (Docker) and insecure coding practices warrants a suspicious classification.
- External report
- View on VirusTotal