Back to skill
Skillv1.0.0
VirusTotal security
skill-stats · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:16 AM
- Hash
- 41cb0a9074f4b91a1c6b8cc71f88899335e249c2d3c3e1641fc9541435a8c5ff
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skill-stats Version: 1.0.0 The skill performs automated analysis of sensitive AI session logs and configuration files located in `~/.claude` and `~/.openclaw` to generate usage statistics. While the logic in `stats-collector.ts` and `openclaw-stats-collector.ts` appears focused on extracting tool invocation data (e.g., call counts and success rates), the requirement to recursively read all historical conversation files (`.jsonl`) constitutes a significant privacy and security risk. No evidence of data exfiltration or intentional malice was found, but the broad file system access to private interaction history is a high-risk capability.
- External report
- View on VirusTotal