Back to skill
Skillv1.0.0
VirusTotal security
Apple Notes 1.0.0 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:29 AM
- Hash
- 53246fd1dc064e7a6ee4e67b27427f43897ae33f12e17eb284b9d350a9a477ac
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: apple-notes-1-0-0 Version: 1.0.0 The skill instructs the agent to install a third-party CLI tool (`memo`) via Homebrew (`brew tap ... && brew install ...`). This involves downloading and executing code from a remote source (Homebrew formula), which represents a significant supply chain risk. Subsequently, the agent is instructed to execute the `memo` binary, which has broad access to Apple Notes data and the macOS system. While these actions are for the stated purpose of managing Apple Notes, they constitute 'risky capabilities' due to the execution of external binaries and remote code, classifying the skill as suspicious. There is no evidence of intentional malicious behavior or prompt injection attempts against the agent in SKILL.md.
- External report
- View on VirusTotal