Back to skill
Skillv1.1.20
VirusTotal security
WP Multitool — WordPress Optimization Toolkit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:29 AM
- Hash
- af90f7ab1f326a619e51fd0fee6851c98a2da240f972457fe535c93b917dcf7a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wp-multi-tool Version: 1.1.20 The skill provides extensive administrative control over WordPress environments, including the ability to execute SQL queries via 'wp db query', modify the 'wp-config.php' file, and permanently delete database records and posts. While these capabilities are aligned with the stated purpose of site optimization and the SKILL.md file includes explicit safety instructions (such as requiring user confirmation for write operations and avoiding sensitive constants), the broad permissions and shell/database access represent significant risky capabilities. No evidence of intentional malice or data exfiltration was found, but the inherent risk of these operations justifies a suspicious classification.
- External report
- View on VirusTotal