Back to skill
Skillv3.0.0
VirusTotal security
Skill Security Reviewer 3.0 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:44 AM
- Hash
- d3abc83a9169379a19bff191a3aee4a4d0c371e46bc637f068faaaa2da17d3a9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skill-security-reviewer Version: 3.0.0 The skill 'skill-security-reviewer' is designed to detect malicious skills, a benign objective. Its `SKILL.md` explicitly forbids the agent from executing any commands or scripts from the target skill or executing decoded code (Section §3, 'Execution Rules'). However, the skill requires broad file system access to read and analyze all files of a target skill, including potentially sensitive configurations and code. This constitutes a 'risky capability' (broad permissions, processing untrusted input) even though it is plausibly needed for its stated purpose. The inherent risk of processing and decoding potentially malicious content, combined with broad file access, creates a vulnerability surface for the agent or its environment, leading to a 'suspicious' classification rather than 'benign' or 'malicious'.
- External report
- View on VirusTotal