Back to skill
Skillv3.3.1
VirusTotal security
Zrise Connect Release · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 23, 2026, 8:26 AM
- Hash
- 207fb3f0c20cd1f2eb84da46ee8f292d53b559e1c04a1793b7f799ee0fcf8dc3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: zrise-connect-release Version: 3.3.1 The skill bundle provides a comprehensive integration for the Zrise ERP system, including a web-based workflow manager and automated task processing. While the intent appears benign and aligned with its stated purpose, it contains several high-risk security vulnerabilities and behaviors. Specifically, `zrise_utils.py` explicitly disables SSL certificate verification (`ssl.CERT_NONE`), and `workflow_manager_ui.py` implements a web server that allows remote command execution with an authentication check that can be bypassed if a specific environment variable is not set. Additionally, the scripts perform environment modifications such as recursively removing macOS extended attributes (`xattr -cr`) and modifying the user's `~/bin` directory, which are aggressive for a standard skill bundle.
- External report
- View on VirusTotal