Back to skill
Skillv0.1.2
VirusTotal security
Agent Visio Use · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 7:29 AM
- Hash
- c963f7735dbe827440e8adf67883044644eee964744dbf5b0c575fe7752dd351
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: diagforge-agent-visio-use Version: 0.1.2 The skill functions as a bootstrap tool that instructs the agent to clone a remote GitHub repository (github.com/qweadzchn/DiagForge) and execute several Python scripts from it. While this behavior is aligned with the stated purpose of onboarding, the pattern of downloading and executing remote code constitutes a high-risk execution flow (RCE). The skill also requires a sensitive environment variable (VISIO_BRIDGE_TOKEN), which, although documented in QUICKSTART.md as a local token, adds to the risk profile of the automated setup process.
- External report
- View on VirusTotal