Back to skill
Skillv1.9.72
VirusTotal security
Wip Universal Installer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:25 AM
- Hash
- e88c87dba12be22a6f65713eed64db5bf7953bee0b97d5d3ad846a4daf78df44
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wip-universal-installer Version: 1.9.72 The `wip-universal-installer` bundle (specifically `install.js`) performs high-risk system operations including global npm installations, recursive directory deletion (`rm -rf`), and modification of sensitive configuration files for Claude Code and OpenClaw (e.g., `~/.claude/settings.json`, `~/.openclaw/.mcp.json`). It also automatically attempts to install the `@wipcomputer/wip-ldm-os` package if not present. While these actions are consistent with its stated purpose as a multi-interface installer for agent-native software, the use of `execSync` on potentially untrusted repository paths and the broad modification of user environment settings present significant security risks and potential for shell injection.
- External report
- View on VirusTotal