Back to skill
Skillv1.0.0
VirusTotal security
Context Management · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:12 AM
- Hash
- 5cce0986e21d90779022b0214dc40ce95638ee3fe8524d073d07a098567b8b7e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: context-management Version: 1.0.0 The skill bundle is designed for context management, which inherently requires powerful capabilities like executing shell commands (`cp`, `rm`, `date`), modifying OpenClaw gateway configuration (`gateway config.patch`), and writing files outside the immediate workspace (e.g., `/tmp/` for rollback docs). While these actions are explicitly instructed in `SKILL.md` with detailed procedures for transparency, user consent, and safety (backups, rollback docs), the inherent power of these operations makes the skill suspicious. There is no evidence of malicious intent such as data exfiltration, unauthorized remote control, or obfuscation; rather, the instructions emphasize user awareness and control. The `scripts/context-checkpoint.sh` also performs file write/read/delete operations within the workspace. The classification is 'suspicious' because these high-privilege actions, if misused (e.g., via prompt injection against the agent or a compromised agent environment), could lead to significant system impact, even though the skill itself is designed as a legitimate utility.
- External report
- View on VirusTotal