Back to skill
Skillv0.2.0
VirusTotal security
CI Whisperer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:04 AM
- Hash
- 6263ccd60edea8fc2ed9887ce026e721558765d9de8235b79e03bbcfe3ac3e7b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: martok9803-ci-whisperer Version: 0.2.0 The OpenClaw AgentSkills bundle 'ci-whisperer' is classified as benign. The `SKILL.md` clearly outlines a legitimate purpose (analyzing GitHub Actions failures) and implements robust safety measures, such as requiring explicit user approval and an environment variable (`CI_WHISPERER_WRITE=1`) for any write operations (e.g., creating PRs). The `scripts/ci_autopsy.py` script uses the GitHub CLI (`gh`) in a read-only capacity, explicitly preferring `/usr/bin/gh` to prevent path hijacking, and uses `subprocess.run` with a list of arguments, which is a safer method against shell injection. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection designed to bypass security controls.
- External report
- View on VirusTotal