Back to skill
Skillv1.1.0
VirusTotal security
Oc · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:36 AM
- Hash
- 48a5ad67c7749dd6f1250f749f585d46ccbbbe8e14f6b51247ee167d28152eef
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-doctor-pro Version: 1.1.0 This skill bundle is classified as suspicious due to its extensive use of high-risk capabilities, including the execution of arbitrary shell commands (e.g., `kill -9`, `systemctl start docker`, `npm install -g`) and direct file system modifications (create, delete, change permissions) via `scripts/lib/fix_step_executor.py` and `scripts/lib/utils.py`. While these actions are presented as necessary for diagnostic, error-fixing, and setup purposes, and many impactful 'fix recipes' in `data/fix-recipes.json` are marked as requiring user confirmation (`safe_auto: false`), the broad permissions to execute system commands and alter configurations without clear malicious intent still pose a significant risk. No explicit prompt injection attempts or data exfiltration to unauthorized endpoints were detected.
- External report
- View on VirusTotal