Back to skill
Skillv1.0.3
VirusTotal security
Cloudtalk · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:46 AM
- Hash
- 5d76fb67da0965fedb3432a1af3646a1e6c1d962c88ee2bd70c4b8710e444c05
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cloudtalk Version: 1.0.3 The skill provides instructions for an AI agent to interact with CloudTalk via the Membrane CLI. It requires high-risk actions such as installing a global npm package (@membranehq/cli) and executing shell commands. The instructions in SKILL.md guide the agent to construct shell commands using potentially unsanitized user input (e.g., the --input flag in 'membrane action run'), which presents a risk of shell injection. While these capabilities are aligned with the stated purpose of the integration, the inherent security risks associated with shell-based tooling without explicit sanitization logic warrant a suspicious classification.
- External report
- View on VirusTotal