Back to skill
Skillv1.0.0
VirusTotal security
meeting-notetaker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 6, 2026, 3:06 PM
- Hash
- 7cb8deaadda1210bc4768390bc5ae585f76ec1a566a53099dbcd71d83a44f7f0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: meeting-notetaker Version: 1.0.0 The skill is classified as suspicious because it explicitly instructs the AI agent to bypass standard tool abstractions and directly read sensitive credential files located at `/opt/ocana/openclaw/.gog/credentials.json` and a local `.context` file in `SKILL.md`. While these actions are framed as necessary workarounds for fetching calendar data and meeting notes, direct file-system access to credentials and environment variables represents a high-risk pattern that could be exploited. No evidence of intentional data exfiltration to unauthorized endpoints was found, but the instructions grant the agent excessive privilege over system-level secrets.
- External report
- View on VirusTotal