Back to skill
Skillv1.0.0
VirusTotal security
Agent Task Manager · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 9:11 AM
- Hash
- 25d6d409a17beb38edc36c3029b9399a4ec964ed3f2279cd2b314f141bb61f10
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: modesty-agent-task-manager Version: 1.0.0 The skill contains a high-risk shell injection vulnerability in `scripts/cooldown.sh` due to the use of `eval` on unvalidated command-line arguments. While the code logic for task orchestration and LLM-based parsing via the SkillBoss API (api.heybossai.com) appears consistent with its stated purpose of managing crypto-related workflows, the unsafe execution of shell commands is a significant security flaw that could be exploited for arbitrary code execution.
- External report
- View on VirusTotal