Back to skill
Skillv1.0.2
VirusTotal security
Gsd Claw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:35 AM
- Hash
- 8e401a0e3850d099d5a9b658e5564a4c030334ef73fe526662cd00fdfcce2c1f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gsd-claw Version: 1.0.2 The skill is classified as suspicious due to the broad and powerful capabilities it instructs the AI agent to use. Specifically, the `SKILL.md` document explicitly directs the agent to execute shell commands (via `<verify>` tags in plans and general 'PowerShell/cross-platform' scripting), modify files, interact with version control (git commits), and spawn sub-agents (`sessions_spawn`). While these capabilities are presented as necessary for the skill's stated purpose of 'spec-driven development', they inherently pose a significant security risk if the agent's instructions or inputs were to be compromised, potentially leading to unauthorized execution or data manipulation. There is no clear evidence of intentional malicious behavior within the provided files themselves, but the extensive permissions granted elevate the risk beyond benign.
- External report
- View on VirusTotal