Back to skill
Skillv1.0.3
VirusTotal security
Wix · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 5:18 AM
- Hash
- ceaf6ae6a899434994a4cd44f7bb768035392d19a600178652f424adcc12098c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wix Version: 1.0.3 The skill bundle facilitates WIX eCommerce integration via the Membrane CLI, requiring high-risk actions such as global package installation (`npm install -g @membranehq/cli`) and dynamic action creation/execution on a third-party platform (getmembrane.com). The command templates provided in `SKILL.md` for the agent to execute (e.g., `membrane action run`) lack explicit input sanitization instructions, which could lead to shell injection vulnerabilities if the agent processes unvalidated user input. While the behavior is aligned with the stated purpose, these high-risk capabilities and architectural risks warrant a suspicious classification.
- External report
- View on VirusTotal