Back to skill
Skillv1.0.3
VirusTotal security
Slite · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 22, 2026, 1:32 PM
- Hash
- 6e13a4864f2ee43439fecb793a9777a9736614099c4e3053e94529bfcc82f3b6
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: slite Version: 1.0.3 The skill requires the agent to perform global system modifications by installing a third-party CLI tool (`npm install -g @membranehq/cli`) and delegates all data handling and authentication to an external service (getmembrane.com). It instructs the agent to execute arbitrary logic and dynamically generate actions via the CLI (`membrane action create`), which constitutes a form of remote logic execution. While these actions are consistent with the platform's design, the requirement for high-privilege shell commands and the total dependency on a third-party intermediary for sensitive Slite data represent a significant security risk (SKILL.md).
- External report
- View on VirusTotal