Back to skill
Skillv1.0.0
VirusTotal security
superviser ressources · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:27 AM
- Hash
- 74473c3c5d0c82db6ca804155695fce307262ec37ee33000371225570eb2dbb7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: supervisorclaw Version: 1.0.0 The `monitor.py` script itself is benign, performing system resource and service health checks using `psutil`, `requests`, and `subprocess` to run hardcoded `docker ps` commands. However, the `SKILL.md` describes a `/supervisor restart <nom>` command. While the `monitor.py` does not implement this restart functionality, the skill's design implies the agent will execute commands based on user input. This, combined with the use of `subprocess` in `monitor.py` for system commands, creates a high potential for a shell injection vulnerability if the `restart` command were implemented without proper input sanitization, making the skill suspicious due to this significant RCE risk.
- External report
- View on VirusTotal