Back to skill
Skillv1.1.3
VirusTotal security
Pulse Board · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:35 AM
- Hash
- a07d1b7f1903733ada64cbeb2f262a8ab6aa60f05c711d60b0e0c20180e931b4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: pulse-board Version: 1.1.3 The Pulse Board skill provides operational monitoring by wrapping cron jobs and aggregating logs into digests. It exhibits high-risk behaviors including automated crontab modification (in install.sh and plug.sh) and the sourcing of a secrets environment file (~/.openclaw/shared/secrets/openclaw-secrets.env) within those cron jobs. Additionally, digest-agent.sh transmits raw log content to an LLM agent for summarization, and deliver.sh sends data to external Telegram or Discord endpoints. While these capabilities are aligned with the stated purpose and the installer includes explicit user confirmation steps and privacy warnings, the combination of crontab manipulation, secrets handling, and data exfiltration to external APIs warrants a suspicious classification.
- External report
- View on VirusTotal