Back to skill
Skillv1.0.4
VirusTotal security
TRIGGERcmd - Run commands on your computers remotely · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:04 AM
- Hash
- 7d29f9b9ab87403d9a27079d45362f7fa13ff2ffa0908ddfcfb1d8af9a62dbce
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: triggercmd Version: 1.0.4 The skill is designed to control TRIGGERcmd computers remotely, a powerful but legitimate function. It demonstrates strong security awareness by explicitly warning against token exposure, instructing the agent to confirm commands with side effects, and using `jq -n --arg` to prevent JSON injection in `SKILL.md`. There is no evidence of unauthorized data exfiltration, arbitrary local command execution, persistence mechanisms, or malicious prompt injection attempts against the agent.
- External report
- View on VirusTotal