Back to skill
Skillv1.0.0
VirusTotal security
Codex Conductor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:30 AM
- Hash
- 993b089a80927355001476c1da3d7620585f46faaf29e9043f2ebd507fc10d33
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: codex-conductor Version: 1.0.0 The skill bundle is designed as a highly structured software delivery orchestrator, emphasizing 'spec-driven development' and rigorous verification. While it utilizes powerful capabilities like shell command execution (`subprocess.run` with `bash -lc` in `scripts/run_gate.py`) and delegates tasks to external AI coding agents, these are transparently aligned with its stated purpose of orchestrating and validating software builds. The `SKILL.md` and supporting documentation include extensive guardrails and explicit instructions to prevent agent misbehavior, such as enforcing spec adherence, verifying documentation updates, detecting assumptions, and even checking for unauthorized file changes via `git status`. There is no evidence of intentional data exfiltration, malicious execution, persistence, obfuscation, or prompt injection against the OpenClaw agent itself; instead, the skill actively implements controls to mitigate risks from the delegated coding agents.
- External report
- View on VirusTotal