Back to skill
Skillv1.0.1
VirusTotal security
Guru · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 21, 2026, 3:21 PM
- Hash
- c66588000b256703ef13d543898a0d9011385043ed851a7f4fa54f6cbf0fe044
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: guru-integration Version: 1.0.1 The skill instructions in SKILL.md require the agent to perform high-risk system operations, specifically the global installation of a third-party NPM package (@membranehq/cli) and the execution of shell commands to manage authentication and Guru data. It also directs the agent to dynamically create and run actions via the Membrane platform (getmembrane.com). While these behaviors are aligned with the stated purpose, the reliance on system-level modifications and external binary execution for credential handling constitutes a significant security surface.
- External report
- View on VirusTotal