Back to skill
Skillv1.0.0
VirusTotal security
Agency Orchestrator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 31, 2026, 2:36 PM
- Hash
- b9b8a8aa7ac40ade20dea5e8656aaf0b9f4bb9f84d3444f4ed7b4a0d1806de59
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agency-orchestrator Version: 1.0.0 The skill bundle contains hardcoded absolute paths to a specific user's home directory (/Users/ghq/) in collaborative_mode.py, which are used to import external Python modules not included in the package. Additionally, the integrate_with_clawx.sh script modifies the user's ~/.bash_profile to alter the PATH and add command aliases, which is a sensitive persistence-like action. The system's reliance on a large collection of external 'Agents' and modules located in unverified local directories makes the full execution logic opaque and potentially unsafe.
- External report
- View on VirusTotal