Back to skill
Skillv1.0.0
VirusTotal security
Intent Guardian · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:37 AM
- Hash
- 95bbcd7d081228fa04545dfc3333ef82ccd42ad3f4c887115ddc47190e8be199
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: intent-guardian Version: 1.0.0 The skill is classified as suspicious primarily due to the inherent privacy risks associated with its optional screen capture capability, implemented in `scripts/sense_screen.sh`. While the script itself handles temporary files correctly and the `SKILL.md` documentation states that raw screenshots are not persisted and are analyzed locally or via API, the base64 encoded screenshot is passed to the OpenClaw agent. If the `vision_model` configuration (e.g., 'claude', 'gemini') is enabled, this highly sensitive visual data will be sent to an external API, which constitutes a significant privacy exposure, even if documented and configurable. There is no evidence of malicious intent, data exfiltration to unauthorized endpoints, or prompt injection attempts against the agent; the broad `shell` and `filesystem` permissions are used for the skill's stated purpose of local activity monitoring.
- External report
- View on VirusTotal