Back to skill
Skillv0.1.1
VirusTotal security
Portainer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:36 AM
- Hash
- 3cc363b9d584f22d3d2d94a4ca9f8101e8125762201f6aa13dc245133668862b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: portainer-skill-openclaw Version: 0.1.1 The skill is classified as suspicious due to two main reasons found in `scripts/portainer_manager.py`. First, all HTTP requests to the Portainer API disable SSL certificate verification (`verify=False`), making the communication vulnerable to Man-in-the-Middle attacks and potentially exposing the Portainer API key and sensitive commands. Second, the `execute_docker_command` function allows the OpenClaw agent to proxy arbitrary Docker API requests through Portainer, granting extremely broad control over the underlying Docker environment, which is a high-risk capability that could lead to system compromise if exploited.
- External report
- View on VirusTotal