Back to skill
Skillv1.0.2
VirusTotal security
Youxinpai Reconciliation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:35 AM
- Hash
- 55a79d9f0a3a1e72f3b266742ce3b40806d7f0b9637fde273696ab7cd9ae9aad
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: youxinpai-reconciliation Version: 1.0.2 The skill performs high-risk operations including modifying local Java source code and configuration files within a specific directory (/Users/a58/Desktop/code/yxp_oms_web) and executing local unit tests. While these actions are aligned with the stated purpose of automating a 'Youxinpai' reconciliation workflow on internal platforms (dp.58corp.com), the requirement to programmatically alter source code and run local tests constitutes a significant risk. There is no evidence of intentional malice or data exfiltration, but the broad local write/execute permissions and hardcoded private IP (10.192.12.236) warrant a cautious classification.
- External report
- View on VirusTotal