Back to skill
Skillv1.0.4
VirusTotal security
Ambivo · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:27 PM
- Hash
- 0df773b960bf6e10a43b96a8e9251fac05fac6997f00a8a06b3fa2b13199d51b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ambivo Version: 1.0.4 The skill requires the installation of a global npm package (@membranehq/cli) and relies on shell command execution to interact with the Membrane platform and Ambivo API. While these capabilities are aligned with the stated purpose of integrating customer data services, the requirement for network access and the execution of external CLI tools are high-risk behaviors according to the analysis criteria. No evidence of intentional malice, such as data exfiltration or unauthorized persistence, was found in SKILL.md or _meta.json.
- External report
- View on VirusTotal