Back to skill
Skillv0.0.11
VirusTotal security
yourbro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:21 AM
- Hash
- 7619543f743a669e7e5c5a5aae1c0ead5eda152e6ea6b8637fd3089a1c4d9a49
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: yourbro Version: 0.0.11 The skill downloads and executes external binaries (yourbro-agent) from yourbro.ai and requires an API token for outbound network communication, which are high-risk capabilities. It instructs the AI to manage files in a non-standard root-level directory (/data/yourbro/), which typically requires elevated privileges and may fail on standard configurations. Additionally, the documentation in SKILL.md suggests using postMessage with a wildcard origin ('*') for its storage API, a security vulnerability that could allow unauthorized cross-origin data access or manipulation.
- External report
- View on VirusTotal