Back to skill
Skillv1.2.1
VirusTotal security
Version Drift Publish · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:36 AM
- Hash
- e0a464eaa89a366ae1920211d9383ed0d4f30359412a610e4fa2a6c2818faa84
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: version-drift Version: 1.2.1 The bundle provides a version-tracking utility that utilizes high-risk primitives, specifically arbitrary local shell execution via 'sh -c' and remote execution via SSH in drift.py. While these capabilities are aligned with the tool's stated purpose of checking software versions across a stack, the script lacks input sanitization for commands defined in config.yaml, creating a direct path for Remote Code Execution (RCE). No evidence of intentional malice, data exfiltration, or hardcoded backdoors was found, but the broad execution surface on both the local host and remote servers justifies a suspicious classification.
- External report
- View on VirusTotal