Back to skill
Skillv1.0.3
VirusTotal security
kube-medic · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:03 AM
- Hash
- 06528e938ee695c304afffcb93c3521ddcb21a3fe32fe979714932eda7daac52
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: kube-medic Version: 1.0.3 The OpenClaw AgentSkills bundle 'kube-medic' is classified as benign. The `SKILL.md` explicitly instructs the AI agent to require user confirmation for all write operations and to never execute `kubectl exec`. The core script `scripts/kube-medic.sh` robustly implements these security controls, including `set -euo pipefail`, extensive use of `jq --arg` for safe JSON output, double-quoting of all variables in `kubectl` commands, and a highly secure `cmd_confirm_write` function that blocks shell metacharacters, parses commands into arrays, and enforces a strict allowlist for approved `kubectl` write operations while explicitly forbidding `kubectl exec`. The `SECURITY.md` and `TESTING.md` further confirm a strong, well-thought-out security posture.
- External report
- View on VirusTotal