Back to skill
Skillv1.0.10
VirusTotal security
Local Context Bridge · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:27 AM
- Hash
- 6c1be70db058630a2515ba5c886ca191c6fc44c99e33deabff08b3626e6e7bff
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: local-context-bridge Version: 1.0.10 The skill bundle is classified as suspicious because `SKILL.md` instructs the AI agent to autonomously install an external package (`cbridge-agent`) and execute setup commands without explicit user authorization. It specifically directs the agent to 'act autonomously' and 'seamlessly' invoke search commands while bypassing user prompts via default configurations. These instructions, combined with the requirement to index local documents and the reliance on an external repository (github.com/whyischen/context-bridge), create a significant risk for unauthorized data access and supply chain exploitation.
- External report
- View on VirusTotal