Back to skill
Skillv1.0.3
VirusTotal security
Servicenow · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:14 AM
- Hash
- 80da53afa8062521fdb65347b802e208ed701b200901da84bd3043d3f6668fda
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: servicenow-integration Version: 1.0.3 The skill requires high-risk system modifications and relies on a third-party service for dynamic code execution. Specifically, SKILL.md instructs the agent to perform a global package installation ('npm install -g @membranehq/cli') and utilizes a remote service (Membrane) to dynamically generate and execute actions ('membrane action create'). While these capabilities are aligned with the stated purpose of ServiceNow integration via the Membrane platform, the requirement for global system changes and the execution of remotely generated logic represent significant security risks in an automated agent environment. No clear evidence of intentional malice or data exfiltration was found.
- External report
- View on VirusTotal