Back to skill
Skillv0.1.2
VirusTotal security
xfire Security PR Review · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:48 AM
- Hash
- 113b0caf85b84ae728b2842fc74ef6b0a8e9baf80edba5dbd6eb04c5ad9fb5ae
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xfire-security-review Version: 0.1.2 The skill bundle describes the usage of 'xfire', a multi-agent adversarial security review tool. The `skill.md` file, which serves as instructions for an AI agent, clearly defines when and how to invoke the `xfire` CLI tool with various arguments. While the `xfire` tool itself requires broad permissions (e.g., GitHub token, multiple AI API keys, access to codebases) and interacts with external services, these capabilities are explicitly stated and necessary for its legitimate purpose of performing security reviews. There is no evidence of prompt injection against the OpenClaw agent, intentional harmful behavior, unauthorized data exfiltration, or instructions to perform actions beyond the stated purpose of using the `xfire` tool for security analysis.
- External report
- View on VirusTotal