Back to skill
Skillv0.1.2026210402
VirusTotal security
Luckee Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:32 AM
- Hash
- b1242a5bec80d2b37fc29970b69676635d1d11f5313d7d51a611116a9230fdc3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: luckee-skill Version: 0.1.2026210402 The skill bundle (SKILL.md and reference.md) instructs the AI agent to perform high-risk system operations, including cloning a remote GitHub repository (github.com/motse-ai/luckee-openclaw-plugin.git), installing Python packages via pip (luckee-cli), and modifying OpenClaw configuration settings. While these actions are plausibly required for the stated purpose of setting up the 'Luckee AI' e-commerce assistant, the use of the agent to execute shell commands and manage external code dependencies represents a significant attack surface. No explicit evidence of malicious intent or data exfiltration was found, but the high-privilege installation flow warrants caution.
- External report
- View on VirusTotal