Back to skill
Skillv1.0.0
VirusTotal security
Windows Automation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:15 AM
- Hash
- 5e7bd9b92f37bee3ca05ac287d9c6142a84e4568ef60e8efc7cec815e83b3e84
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: windows-automation Version: 1.0.0 The skill provides high-risk capabilities including arbitrary PowerShell command execution (windows_command), clipboard access, and screen capture, which are powerful primitives for data exfiltration and system compromise. Notably, __init__.py explicitly disables the PyAutoGUI failsafe mechanism (pyautogui.FAILSAFE = False), a standard safety feature designed to allow users to interrupt automated mouse movements. While these features align with the stated goal of 'Windows Automation', the combination of broad system access and disabled safety guards presents a significant security risk if the agent is targeted by prompt injection.
- External report
- View on VirusTotal