Back to skill
Skillv0.1.0
VirusTotal security
Bomb Dog Sniff · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:36 AM
- Hash
- 67cdc6d65a4517eb7a006dda8db52fe9a2c5e328b605de318c94c7e518cc63b8
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: skill-bomb-dog-sniff Version: 0.1.0 The OpenClaw AgentSkills skill bundle 'bomb-dog-sniff' is a security scanner designed to detect malicious patterns in other skills. Its core components (`scan.js`, `safe-download.js`, `patterns.js`, `scripts/sniff.sh`) are all focused on this purpose. The skill implements robust security measures such as path sanitization, secure quarantine directories, download size/timeout limits, and symlink loop protection. While it interacts with the file system, network, and child processes, these actions are necessary for its stated function and are performed with security best practices. The presence of explicitly labeled 'test-malicious-skill' files (e.g., `test-malicious-skill/scripts/malicious.js`) demonstrates the scanner's detection capabilities rather than indicating malicious intent of the skill itself. The `SKILL.md` documentation is descriptive and does not contain prompt injection attempts against the AI agent.
- External report
- View on VirusTotal