Back to skill
Skillv1.0.3
VirusTotal security
Solar Nexus · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:26 AM
- Hash
- fc57050c1a6628bca40fad17e07871b98d6db32e27b88bfdaabf0a0e4f04024b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: solar-nexus Version: 1.0.3 The skill requires the agent to install a global npm package (`@membranehq/cli`) and execute shell commands for authentication and API management as described in `SKILL.md`. These high-risk capabilities (shell execution and network access) are plausibly needed for the Solar Nexus integration but meet the criteria for a suspicious classification due to the potential for shell-based risks and supply chain reliance. Additionally, `_meta.json` contains a future-dated publication timestamp (2026), though no clear evidence of intentional malice was found.
- External report
- View on VirusTotal