Back to skill
Skillv1.1.0
VirusTotal security
Food Calendar Order · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:31 AM
- Hash
- a0d196c886e358f90d0a639dc759da2f86717a1f015cad3e3bd06414179c63e8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: food-cal-order Version: 1.1.0 The skill is classified as suspicious due to its inherent high-risk capabilities, specifically the explicit instruction to access the user's local Chrome profile, which contains sensitive data like saved logins, payment methods, and delivery addresses. While this access is necessary for the stated purpose of browser-automated food ordering and the skill includes critical safeguards like mandatory user confirmation before placing an order and strict allergy/dietary constraint enforcement, the potential for misuse or compromise of such a powerful capability warrants a 'suspicious' classification. There is no evidence of intentional malicious behavior such as data exfiltration to external endpoints, unauthorized remote control, or obfuscation within the provided files; in fact, the prompt injection instructions in SKILL.md are largely defensive, guiding the agent to prioritize user safety and explicit confirmation.
- External report
- View on VirusTotal