Back to skill
Skillv1.0.0
VirusTotal security
Server Health Agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:16 AM
- Hash
- 0ea32a2604f95c615e4e94eda1f79d1d6ede0839af3a638ee0c3e6bed49b2de2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: server-health-agent Version: 1.0.0 The skill is classified as suspicious due to its explicit request for `shell` permission in `SKILL.md` and the use of `child_process.exec` in `skill.js` to run system commands (`top`, `free`, `df`, `docker ps`). While the executed commands are hardcoded, read-only, and do not incorporate user input (thus avoiding direct shell injection vulnerabilities), the broad `shell` permission and the use of a powerful primitive like `exec` represent a significant risky capability, even if plausibly needed for the stated monitoring purpose. This aligns with the guideline to classify broad permissions and risky capabilities as 'suspicious' when clear malicious intent is absent.
- External report
- View on VirusTotal