Back to skill
Skillv1.0.3
VirusTotal security
Clearbit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 6:01 AM
- Hash
- c6ab657be589b0f4c530a9faa4efce88de0531f63a12ee34f8c2bd0757466d4a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clearbit-integration Version: 1.0.3 The skill requires the agent to perform high-risk operations including the global installation of an NPM package (@membranehq/cli) and the execution of shell commands to manage authentication and data enrichment via the Membrane platform. It also provides a mechanism for dynamic action creation ('membrane action create'), which allows the agent to generate and execute new integration logic at runtime. While these capabilities are aligned with the stated purpose of Clearbit integration, the requirement for broad shell access and external software installation in SKILL.md constitutes a significant security risk without clear evidence of malicious intent.
- External report
- View on VirusTotal