Back to skill
Skillv1.0.0
VirusTotal security
Setup · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 8:28 AM
- Hash
- ed3439e3e32b6244b998e3605d166f1059f0a5c9f7d60f0f13af80d823742297
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: setup Version: 1.0.0 The skill bundle is classified as suspicious due to the `recommendations.md` file suggesting `tools.exec.security: "full"` for a 'Developer Workstation' use case. This configuration is explicitly labeled as 'dangerous' in `SKILL.md` and `security.md` because it allows the AI agent to execute any command, creating a significant Remote Code Execution (RCE) vulnerability if the agent were to be compromised via prompt injection. While not malicious in intent, this recommendation guides users towards a high-risk configuration.
- External report
- View on VirusTotal