Back to skill
Skillv1.0.0
VirusTotal security
This skill informs the agent how to use Viam CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:39 AM
- Hash
- e4071eba2c14a875061b25317af2dbadad6dc6a825b0151b381960f3162612fa
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: viam-cli Version: 1.0.0 The skill is classified as suspicious due to the explicit instructions for the AI agent to utilize high-risk Viam CLI commands such as `viam machines part shell` (remote shell access) and `viam machines part cp` (remote file transfer). While these are legitimate functions of the Viam CLI and the skill includes guardrails like requiring user confirmation for destructive operations and installation, their exposure to an AI agent creates a significant vulnerability to prompt injection, potentially leading to remote code execution, unauthorized data exfiltration, or code deployment if the agent is compromised. These capabilities, detailed in `SKILL.md`, represent a critical security risk, even without explicit malicious intent within the skill's design.
- External report
- View on VirusTotal