Back to skill
Skillv1.0.1
VirusTotal security
Cross Channel Memory · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:11 AM
- Hash
- df697b554b7870ee29e81f249613c41cf0b0e6b3616d44d85e4690bf485dcbea
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cross-channel-memory Version: 1.0.1 The skill bundle contains multiple scripts (init_mapping.py, lookup_user.py, memory_sync.py, and session_hooks.py) that use hardcoded absolute file paths pointing to a specific local user's home directory (/home/wljmmx/). While the logic appears to support the stated goal of cross-channel memory synchronization, hardcoding a specific username in a distributed skill bundle is a significant security and functional risk, as it targets a specific environment and lacks portability. There is no clear evidence of intentional data exfiltration or malicious intent, but the practice is highly irregular for a general-purpose agent skill.
- External report
- View on VirusTotal