Back to skill
Skillv1.1.0
VirusTotal security
OAuth Providers · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:07 AM
- Hash
- 3d4ff4860203f099b6784f5f17b1a4119c7100411d699be3f6cdd5a3ea7b816c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: oauth-providers Version: 1.1.0 The skill provides legitimate AI provider credential management but employs high-risk capabilities, such as reading sensitive access tokens from the Claude CLI configuration file (~/.claude/.credentials.json) and instructing the AI agent to execute Python scripts and system commands (systemctl) for troubleshooting. While these actions are aligned with the stated purpose and lack evidence of malicious intent or data exfiltration, the direct access to external application secrets and the use of agent-led shell execution for configuration management meet the criteria for a suspicious classification under the provided rubric.
- External report
- View on VirusTotal