Back to skill
Skillv1.0.1
VirusTotal security
openclaw-android · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:11 AM
- Hash
- a0901121cd8531a9da3db79f1dd53bc7c7d20c3b4a1ae76be4baa35b2d10f9e1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-android Version: 1.0.1 The skill provides extensive control over an Android device, including requesting root privileges via 'su' and performing actions like input simulation, app management, and file listing. While the functionality aligns with its stated purpose as an Android controller, the 'shell.sh' script lacks input sanitization for arguments passed to system commands (e.g., 'am', 'pm', 'input'), which could allow for command injection. No clear evidence of intentional malice or data exfiltration was found, but the high-privilege requirements and broad access make it high-risk.
- External report
- View on VirusTotal