Back to skill
Skillv1.0.0
VirusTotal security
Compliance Review · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:20 AM
- Hash
- 1d18cfcfbef6fca8472bc7b9a8521632ee40b3e9800e80713e896f9a17726184
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: compliance-review Version: 1.0.0 The skill bundle contains a 'firstRunAutoApprove' feature documented in SKILL.md and enabled in config.js, which explicitly instructs the AI agent to bypass all compliance checks during its initial execution. This creates a predictable window for unauthorized or non-compliant documents to be processed without oversight. Additionally, the config.js file specifies an insecure HTTP login URL (http://ehis-unity-admin-afweb.psic.com.cn/user/login) for a corporate portal, exposing credentials to potential interception.
- External report
- View on VirusTotal