Cartogopher

Type: OpenClaw Skill Name: cartogopher Version: 1.0.1 The skill is classified as suspicious due to several high-risk actions, even though they are presented as necessary for its functionality. Specifically, the `SKILL.md` instructs the agent to modify system files like `/etc/machine-id` (if not present) and user shell profiles (`~/.zshrc` or `~/.bashrc`) to establish persistence for its API key. While these actions are explained as prerequisites for the CartoGopher MCP server, modifying system-level files and shell profiles represents a significant attack surface and a common technique used by malicious software, warranting a 'suspicious' classification rather than 'benign'.