Back to skill
Skillv1.0.1
VirusTotal security
Jotform · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 22, 2026, 9:37 PM
- Hash
- ce96f719114e7e6edf2b8c8cdbbeeed8a4346f848590db4df79eaa0a1b62b893
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: jotform-integration Version: 1.0.1 The skill instructs the agent to perform high-risk operations including global software installation ('npm install -g @membranehq/cli') and command-line authentication. It relies on a third-party service (Membrane) to manage credentials and execute actions, which introduces supply chain risks and requires broad shell/network access. While the instructions in SKILL.md align with the stated purpose of Jotform integration and include security-conscious advice regarding credential handling, the requirement for external CLI installation and remote action execution meets the criteria for a suspicious classification.
- External report
- View on VirusTotal