Back to skill
Skillv1.0.0
VirusTotal security
mcd-cn · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:28 AM
- Hash
- cb8494c87db58b0e54f8ada25399250a57ba070050bd58b09abe5b014fe43373
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill is classified as benign. It uses `curl` commands to interact with a McDonald's MCP service (`mcp.mcd.cn`) for its stated purpose of querying coupons, activities, and nutrition information. It requires an `MCD_TOKEN` for authentication, which is handled via an environment variable, and explicitly warns against exposing it. While it performs network requests and uses a sensitive token, these actions are clearly aligned with the skill's functionality and there is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence, or prompt injection attempts against the agent in SKILL.md.
- External report
- View on VirusTotal