Back to skill
Skillv1.0.2
VirusTotal security
Brainshop · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 9:43 AM
- Hash
- 6b7d7c976276a4aee28e819d9a02d1c7d3f5a7272a8eefdfcb3685b06a2a01d8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: brainshop Version: 1.0.2 The skill instructions in SKILL.md direct the AI agent to perform high-risk operations, including global package installation (npm install -g @membranehq/cli) and the execution of a CLI tool for authentication and network communication. While these capabilities are plausibly needed for the stated purpose of integrating with BrainShop via Membrane, the broad shell access and the ability to proxy arbitrary API requests represent a significant security surface. No clear evidence of intentional malice or data exfiltration was found.
- External report
- View on VirusTotal