Back to skill
Skillv2.2.0
VirusTotal security
Autopilot 自动循环编排引擎 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:36 AM
- Hash
- 61b09e3c670940e4637631aa2f0c8e272c72941774e621a1004ce8d68c89b05b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: autopilot-pbv Version: 2.2.0 The 'autopilot' skill implements an autonomous Plan-Build-Verify loop that utilizes high-risk flags such as '--dangerously-bypass-approvals-and-sandbox' for the omx CLI and '--dangerously-skip-permissions' for the claude CLI (SKILL.md). These flags explicitly disable user approval and sandboxing, allowing the agent to modify files and execute commands without oversight. Additionally, the verification phase involves running arbitrary local test scripts (e.g., scripts/run_tests.sh) as described in references/verify-guide.md. While these capabilities are aligned with the goal of an autonomous coding agent, the intentional bypassing of security boundaries and the execution of unvetted local scripts represent a significant security risk.
- External report
- View on VirusTotal