Back to skill
Skillv1.0.3
VirusTotal security
Sendgrid · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:26 AM
- Hash
- d83983e9aa8e88001269d332158fcde01e0c83cff7afc271d7640450e508f837
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: sendgrid-integration Version: 1.0.3 The skill requires the agent to perform a global installation of a third-party CLI tool (`@membranehq/cli`) and routes all SendGrid interactions through an external middleware service (`getmembrane.com`). While these actions are aligned with the stated purpose of managing email campaigns, the requirement for high-privilege system changes (global npm install) and the delegation of credential management to a third-party platform represent significant security risks. No explicit evidence of malicious intent or data exfiltration was found in SKILL.md or _meta.json.
- External report
- View on VirusTotal