Back to skill
Skillv1.0.8
VirusTotal security
TuriX Computer Use · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:10 AM
- Hash
- a5ce137bd1218f6527ec2ca88a4b9481be56d398a6ca3a2341c51d86be575759
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: turix-cua Version: 1.0.8 The skill bundle is designed for macOS GUI automation, a powerful but legitimate function. It transparently requests high-level permissions (Screen Recording, Accessibility) necessary for its operation. Crucially, the `run_turix.sh` script employs a Python helper to safely update the `config.json` with task arguments, effectively mitigating potential shell injection vulnerabilities. While the script broadly modifies the PATH, this appears to be for functional purposes (e.g., locating `screencapture`) rather than malicious intent. There is no evidence of prompt injection against the agent or code designed for data exfiltration, persistence, or other malicious activities.
- External report
- View on VirusTotal