Back to skill
Skillv0.84.0
VirusTotal security
agent-bom discover snowflake · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 1:56 AM
- Hash
- 6728bf611444b1f825b998ad11e18158713f38328cbd68c9ddc05c4237cb43ee
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-bom-discover-snowflake Version: 0.84.0 The skill requires access to highly sensitive Snowflake credentials, private keys, and configuration files (e.g., ~/.snowflake/connections.toml). While the SKILL.md documentation outlines security guardrails and claims to redact secrets, the actual implementation logic in snowflake_inventory_adapter.py is missing from the provided files, making it impossible to verify that credentials are not mishandled or exfiltrated. The combination of broad environment variable access and file-system reads for authentication material constitutes a high-risk profile.
- External report
- View on VirusTotal