Back to skill
Skillv1.0.0
VirusTotal security
Gov Regulatory · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:41 AM
- Hash
- 8e2a7083e6b7b3f66c362dc482576140fe0bf939dea0e82430f3f6e68061a898
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gov-regulatory Version: 1.0.0 The skill is classified as suspicious due to its reliance on an external, third-party service (`https://regulatory-monitor-mcp.apify.actor/mcp`) for core functionality, as configured in `SKILL.md`. While the stated purpose is to access public Federal Register data and there is no explicit evidence of malicious intent (e.g., data exfiltration of local files, prompt injection for harmful actions, or backdoor installation) within the provided files, this external dependency introduces a supply chain risk. The `apify.actor` endpoint could potentially be compromised or change its behavior, making it a 'risky capability' without clear malicious intent, aligning with the 'suspicious' classification.
- External report
- View on VirusTotal