Malware Analyst
v1.0.0
Perform concise malware triage, focused IOC extraction, infrastructure hunting, and markdown report writing on REMnux when the user supplies a suspicious fil...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (REMnux triage, IOC extraction, concise reports) matches the SKILL.md and reference documents. The skill does not request unrelated credentials, system paths, or exotic installs — it expects a REMnux analysis environment and stays focused on triage tasks.
Instruction Scope
SKILL.md instructs the agent to read user-supplied files/attachments, compute hashes, inventory archives, and write a markdown report. This is appropriate for triage, but it assumes the platform will provide access to attachments and that writing to /home/remnux/files/output is allowed. The skill explicitly forbids dynamic execution or external submission unless the user requests it, which limits scope creep.
Install Mechanism
No install specification or external downloads — instruction-only skill. This minimizes installation risk; it relies on the host REMnux toolchain but does not attempt to fetch or execute third-party code.
Credentials
The skill requests no environment variables or credentials, which is proportionate. One caveat: it implicitly expects REMnux tooling to be present (e.g., hashing, static-analysis tools) but does not declare required binaries; users should ensure the execution environment actually provides those tools.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges. It does write reports to a fixed path (/home/remnux/files/output), which is reasonable for its purpose but should be confirmed by the user.
Assessment
This skill appears to be what it claims: a REMnux-focused triage helper that reads user-supplied samples and writes a concise markdown report. Before installing or invoking it, verify: 1) you will run it in a REMnux environment (or equivalent) that provides the analysis tools it expects; 2) you are comfortable letting the agent access only the specific files/attachments you supply (don't give unrelated sensitive paths); 3) the report output path (/home/remnux/files/output) is acceptable and writable; and 4) you explicitly approve any dynamic execution or external submissions — the skill says it will not perform those without your consent. If you need stricter guarantees, ask the skill owner for an explicit list of required binaries and permission boundaries.
Like a lobster shell, security has layers — review code before you run it.
