Back to skill
Skillv1.0.0
VirusTotal security
openclaw-cheatsheet · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:21 AM
- Hash
- 98a442ca05c4f1f8935504e4e2bf69be5a0da50ec4a5879b866c7d9ff121df05
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-cheatsheet Version: 1.0.0 The skill bundle provides a cheatsheet for powerful OpenClaw CLI commands (e.g., `config set`, `gateway install/uninstall`, `cron rm`, `agents delete`) and documents the use of external CLI tools like `obsidian-cli` and local Node.js scripts. While these commands inherently carry risk due to their system interaction capabilities (file system access, service management, configuration changes), the `SKILL.md` and `README.md` files explicitly include strong safety rules, instructing the agent to 'Never run destructive or state-changing commands... without confirming with the user first.' This mitigates direct malicious intent from the skill itself. However, the documentation of such powerful commands and the agent's capability to execute them (even with a safety prompt) makes the skill 'suspicious' rather than 'benign' due to the potential for misuse or exploitation if the agent's safety mechanisms were bypassed by a user's prompt, despite the skill's own defensive instructions.
- External report
- View on VirusTotal