Back to skill
Skillv1.1.2
VirusTotal security
Mission Control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 21, 2026, 11:51 PM
- Hash
- 022ec4a39d5374d1d00eb45e64e677f6588f92ff2c54253c9e3388d46886fd41
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: tsu-mission-control Version: 1.1.2 The skill bundle implements a comprehensive management dashboard that includes a 'Dispatcher' service (app/backend/src/services/dispatcher.js) capable of sending natural-language instructions and 'ACTION REQUIRED' prompts back to the AI agent. While aligned with the stated purpose of workflow orchestration, this creates a remote influence vector over the agent's behavior. Additionally, the backend uses custom regex-based HTML sanitization (app/backend/src/middleware.js), which is a vulnerable pattern for preventing XSS. The default unauthenticated configuration and the ability to remotely trigger agent actions via the OpenClaw gateway represent risky capabilities without clear evidence of malice.
- External report
- View on VirusTotal