Back to skill
Skillv1.0.0
VirusTotal security
Lead Automation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:59 AM
- Hash
- 5b1d4e6ff2ccf75d89f8b10420bef096074a8aaedd4a2464d69f8b6cfd3a98ef
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: lead-automation Version: 1.0.0 The skill is classified as suspicious due to its broad capabilities involving network access for external APIs (Google Maps, Google Places) and SMTP services (SendGrid, Postmark), as well as file system access for website generation and scheduling mechanisms for follow-up sequences, as described in SKILL.md. While these capabilities are plausibly needed for the stated purpose of lead automation, they represent high-risk functions that could be leveraged for unintended actions like spam, phishing, or data exfiltration if not properly constrained or if the agent's implementation is vulnerable. There is no clear evidence of intentional malicious behavior such as credential theft or backdoor installation.
- External report
- View on VirusTotal