Back to skill
Skillv1.0.0
VirusTotal security
Agent Auditor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 1, 2026, 7:26 AM
- Hash
- d60430749766d0dec03aee57d57a2367d92206a5107db9c1359257bf6e38584c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-auditor Version: 1.0.0 The Agent Auditor skill functions as a wrapper for an external security auditing tool, requiring high-risk permissions including 'Bash' and 'Write'. While the instructions in 'SKILL.md' and the logic in 'scripts/run-audit.mjs' are aligned with the stated purpose of analyzing AI tools for telemetry and privacy, the use of 'npx' to fetch external code and the broad shell/file access represent risky capabilities that meet the threshold for a suspicious classification despite the lack of clear malicious intent.
- External report
- View on VirusTotal