Back to skill
Skillv1.0.4
VirusTotal security
Mailboxvalidator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:12 PM
- Hash
- ae2f8f7ded8285e04dafd7da1baa935546286e47db64a0867dee65801a024be2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mailboxvalidator Version: 1.0.4 The skill bundle instructs the AI agent to perform high-risk operations, including the global installation of a third-party NPM package (@membranehq/cli) and the execution of shell commands for authentication and API interaction. It directs all sensitive traffic and credential management through an external proxy service (getmembrane.com), which introduces a significant dependency and potential point of interception. While these capabilities are plausibly needed for the stated integration logic, the requirement for global system modifications and third-party routing warrants a suspicious classification (SKILL.md).
- External report
- View on VirusTotal