Back to skill
Skillv1.0.0
VirusTotal security
Postgres Job Queue · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:44 AM
- Hash
- f74afb94557c86c396ab8df421ab3d7dbbadf4b5f22d9cfd4d2de0bedac9fad3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: postgres-job-queue Version: 1.0.0 The skill is classified as suspicious due to the presence of a remote code execution instruction in `README.md`. The `npx add` command instructs the agent to fetch and execute a script from a GitHub URL. While this specific instance points to the skill's own repository for installation, it represents a risky capability for remote execution that could be leveraged for malicious purposes if the URL were altered or compromised, aligning with the 'risky capabilities without clear malicious intent' criteria.
- External report
- View on VirusTotal