Back to skill
Skillv1.1.0
VirusTotal security
Brand Identity Analyzer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:24 AM
- Hash
- cf79dcbda97447ff14c317bae2a11285c1eaf8af03da27d0f59c1d525f68528a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: brand-identity-analyzer Version: 1.1.0 The `SKILL.md` file contains a mandatory instruction for the AI agent to perform `git add`, `git commit`, and `git push origin main` to a local Git repository (`~/clawd/ad-ready`) after every new brand profile is generated. This is a high-risk instruction as it grants the agent broad permissions to modify and push to a potentially critical repository without explicit user confirmation, which could lead to unintended data modification or exfiltration if the repository were compromised or contained sensitive information. While the stated purpose is to update a brand catalog for a deployment, the automatic and non-optional nature of this operation makes it suspicious.
- External report
- View on VirusTotal