Back to skill
Skillv1.0.0
VirusTotal security
Meta-Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:00 AM
- Hash
- cb2b6ce080ca26823fba871aa53321b58b25c680fd8c2ce4e3b41491a8891e3f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: meta-skill Version: 1.0.0 The bundle implements a 'meta-skill' compiler that allows an agent to generate new skills from its own execution history. It is classified as suspicious because it requires high-privilege access to read sensitive session logs from `~/.openclaw/agents/` (via `scripts/trace-from-session.js`) and has the capability to write new executable code and instructions into the system's skills directory (via `scripts/trajectory-compiler.js`). While these functions are consistent with the stated purpose of a trajectory compiler, the ability to self-modify and access historical transcripts represents a significant security risk if the input traces are manipulated.
- External report
- View on VirusTotal