Back to skill
Skillv1.0.0
VirusTotal security
Pub Web Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:58 AM
- Hash
- c9dcc54aff28ad74c7ff2577778934a7431172e0e618664df7bdc735655af40b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: web-searchs Version: 1.0.0 The skill bundle acts as a wrapper for a third-party API (api.heybossai.com) and claims to provide access to non-existent AI models such as GPT-5 and Claude 4.6, which is highly misleading. While it lacks explicit malware, it requests broad permissions (Bash) and includes high-risk capabilities like sending emails and SMS verification (prelude/verify-send) under the generic name 'web-search'. The inclusion of 'vaporware' model names and the discrepancy between the skill's name and its broad functionality suggest a lack of transparency or a potential for unauthorized data collection.
- External report
- View on VirusTotal