Back to skill
Skillv1.1.0
VirusTotal security
Power Automate Debug · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:12 AM
- Hash
- e37e049b67b07a3e0aee6affe38b52ab34daff1ffabed32e8e97a824bbc98140
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: power-automate-debug Version: 1.1.0 The skill bundle provides capabilities to diagnose and modify Power Automate flows via an external MCP server (mcp.flowstudio.app). It includes high-risk behaviors such as exfiltrating flow run outputs (which may contain sensitive data) and updating live flow definitions (update_live_flow in SKILL.md). While these capabilities are plausibly needed for the stated purpose of debugging and fixing flows, the combination of third-party network access and high-privilege write access to cloud infrastructure logic meets the criteria for a suspicious classification.
- External report
- View on VirusTotal