Back to skill
Skillv0.1.0
VirusTotal security
Agent Development · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:12 AM
- Hash
- 8cba71d1a2285e21e3baae241fdba5b5efde40b4f7d67c8e593e86d4021f25a2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-development Version: 0.1.0 This skill bundle is designed to teach users how to build powerful OpenClaw agents. It is classified as suspicious due to its explicit recommendations for granting broad permissions to agents. Specifically, it advises configuring `.claude/settings.json` with `WebFetch(domain:*)` and an extensive allowlist of `Bash` commands (e.g., `cd`, `cp`, `ls`, `cat`, `find`, `echo`, `grep`, `mv`, `for`, `cut`), as detailed in `SKILL.md` and `rules/custom-agent-instructions.md`. While the stated intent is to enable agents to operate autonomously without constant human approval, these broad permissions for network access and system command execution introduce significant risk, as they could be leveraged for data exfiltration or unauthorized system manipulation if an agent were compromised or given a malicious prompt, even though the skill bundle itself does not contain instructions for such malicious actions.
- External report
- View on VirusTotal