Back to skill
Skillv1.0.2
VirusTotal security
Automation Master · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 26, 2026, 1:06 PM
- Hash
- 27fd84a7e8397bb2dc7cdb0b75490c4c00a7f0cedb74ce2abd2c2b6c4ac1a022
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mk1350-automation-master Version: 1.0.2 The skill bundle is classified as suspicious due to the inclusion of an atypical 'billing' and 'subscription' logic in execute.py and SKILL.md, which references pay-per-use pricing and 'automatic refunds' for an AI-driven service. The code employs high-risk Windows APIs and system commands, such as win32com for Excel manipulation, os.system for killing processes (taskkill), and win32api.ShellExecute for printing. Furthermore, services/file_print_service.py contains a hardcoded internal IP address (10.92.30.89), indicating the code may be specifically targeted or poorly sanitized. While no direct evidence of data exfiltration was identified, the combination of commercial prompt-injection-like instructions and high-privilege system access is concerning.
- External report
- View on VirusTotal