Back to skill
Skillv1.0.3
VirusTotal security
Webcrm · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 22, 2026, 1:56 PM
- Hash
- a3e74471ff2badd4c8454970624eab41ecca318b40d33438447876b8f4101962
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: webcrm Version: 1.0.3 The skill provides instructions in SKILL.md for an AI agent to install a global npm package (@membranehq/cli) and execute shell commands for authentication and CRM data management via the Membrane platform. While these actions are aligned with the stated purpose of WebCRM integration, the requirement for global software installation and network-based authentication (e.g., 'membrane login') constitutes high-risk behavior in an automated agent environment, fitting the criteria for suspicious classification despite the lack of clear malicious intent.
- External report
- View on VirusTotal