Back to skill
Skillv0.2.5
VirusTotal security
Confluence CLI (confcli) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:38 AM
- Hash
- 44f5f8edbd436cbf2f2cb26fbd448b5102c787eb8be37ff27d952d20d8bf6ca4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: confluence-cli Version: 0.2.5 The skill bundle is classified as suspicious primarily due to its installation method and the broad capabilities of the installed tool. The `SKILL.md` file instructs the agent to install `confcli` by executing a remote script via `curl -fsSL https://raw.githubusercontent.com/hochej/confcli/main/install.sh | sh`. This direct execution of remote code introduces a significant supply chain risk, as the content of the script could be altered to deliver malicious payloads. Furthermore, the `confcli` tool, once installed, provides extensive capabilities to read, write, update, delete, and export data from Confluence, as well as interact with the local file system (e.g., downloading attachments, exporting content, editing files), representing broad permissions that could be misused. While the instructions include safeguards like requiring explicit user intent for write operations and not asking for tokens directly, the combination of remote code execution for installation and powerful system/network access makes this skill suspicious.
- External report
- View on VirusTotal