Back to skill
Skillv1.0.0
VirusTotal security
ZenTao Analytics · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:49 AM
- Hash
- cd03fbcf3a9314b3afecb95c5d5ba7ba92def24936d00fe1aa8179084c81565a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: zentao-analytics Version: 1.0.0 The skill is designed to perform ZenTao analytics, which inherently requires handling highly sensitive credentials (API keys, database usernames/passwords) and making external network/database connections. The `scripts/analyze-tasks.js` file is configured to read these credentials from environment variables, and although it currently uses mock data, a `TODO` comment indicates that real API/database calls are planned. This capability, while necessary for the skill's stated purpose, introduces significant security risk due to the handling of sensitive data and external connectivity, classifying it as suspicious rather than benign.
- External report
- View on VirusTotal