Back to skill
Skillv1.0.3
VirusTotal security
Zoho Bugtracker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:20 AM
- Hash
- 9db573748de0119fbe78f171372b1ef6bf2ed08caa3110ca53a0eded4d0ed325
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: zoho-bugtracker Version: 1.0.3 The skill requires the agent to perform high-risk system operations, specifically the global installation of a third-party NPM package (`@membranehq/cli`) and the execution of CLI commands for authentication and API interaction. While these actions are aligned with the stated purpose of using the Membrane platform for Zoho Bugtracker integration, the requirement for global software installation and the redirection of all traffic through an external service (getmembrane.com) significantly increases the attack surface and introduces external dependencies.
- External report
- View on VirusTotal