Back to skill
Skillv1.0.0
VirusTotal security
Oh My OpenCode · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:22 AM
- Hash
- 46e52363657a5986d3e53f85d9d965e6b492d1207e83a96e73706329021f85a1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: oh-my-opencode Version: 1.0.0 The skill bundle describes a highly autonomous multi-agent system with extensive capabilities including arbitrary bash execution, file editing, network access, and background task execution, as detailed in `SKILL.md` and `references/configuration.md`. While these features are presented as necessary for its stated purpose of advanced software development, they represent significant high-risk behaviors. The ability to load skills from remote URLs (e.g., `https://example.com/skill.yaml` in `references/configuration.md`) also introduces a supply chain risk. There is no clear evidence of intentional malicious behavior in the provided files, but the broad permissions and autonomous nature make it suspicious due to the potential for misuse or misconfiguration.
- External report
- View on VirusTotal