Back to skill
Skillv0.2.2
VirusTotal security
local-coding-orchestrator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:25 AM
- Hash
- 1af49a506b54e0f01e57248d31e514ae0048f3598d6462d92e764e7830667240
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: local-coding-orchestrator Version: 0.2.2 The skill bundle defines a complex orchestration framework for local coding tools (Codex, Claude Code, OpenCode) that requires extensive local filesystem access and shell execution capabilities. While the logic is aligned with its stated purpose of task management and worker supervision, it relies on executing PowerShell scripts with '-ExecutionPolicy Bypass' (as documented in operator-playbook.md and usage-guide.md) and grants the AI agent broad authority to launch and reconcile background processes. This architecture presents a high-risk attack surface where prompt injection could lead to arbitrary command execution, although no evidence of intentional malicious behavior or data exfiltration was found.
- External report
- View on VirusTotal