Back to skill
Skillv1.0.1
VirusTotal security
Gmail Inbox Zero Traige · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:39 AM
- Hash
- b85a42427e0e7be40ab417a9768c4b7eed5b58f0ee6d23e3516b043b197b703a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gmail-inbox-zero-triage Version: 1.0.1 The skill is classified as suspicious due to risky capabilities, although without clear malicious intent. It requires the user to set the `GOG_KEYRING_PASSWORD` as an environment variable, which is sensitive, and instructs `export HOME=/root` in `SETUP.md`. While these might be legitimate for the `gog CLI` and the agent's execution environment, they represent elevated access and potential risk if the internal Python scripts (whose code is not provided) were to misuse these environment variables or access files outside the stated purpose. The skill also has broad read/modify access to the user's Gmail account via the `gog CLI`.
- External report
- View on VirusTotal