Back to skill
Skillv1.0.0
VirusTotal security
我的测试 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:57 AM
- Hash
- 32805bf39b0d90a1a72958068aaae412756121c85fe275c932c1abaae938b09a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: test-outbound Version: 1.0.0 The skill is designed to handle sensitive authentication data, including plaintext credentials (login_credentials.json) and browser session tokens (auth.json), which are high-value targets for exfiltration. It relies on an external script, save_session.py (the content of which was not provided for review), to automate login via Playwright. While the documentation describes a legitimate automation use case for an 'outbound system,' the management of authentication secrets and the lack of visibility into the script's logic present a significant security risk.
- External report
- View on VirusTotal