Back to skill
Skillv1.0.1
VirusTotal security
Autoimprove · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:27 AM
- Hash
- fd4b382229033a4bcda99ec8ba95cbe4425e78c61dafcae3fb4b87af3d6998d9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: autoimprove Version: 1.0.1 The 'autoimprove' skill bundle implements an autonomous optimization loop that allows an AI agent to modify source code and execute arbitrary shell commands (tests and benchmarks) based on a user-provided 'improve.md' file. While the skill includes several safety guardrails—such as git-based rollbacks, scope enforcement, and baseline verification—the core functionality of executing arbitrary commands and modifying files represents a significant security risk. The instructions in SKILL.md and references/protocol.md guide the agent through this high-risk process, which could be exploited if a malicious configuration is provided, although the skill itself appears designed for legitimate optimization tasks.
- External report
- View on VirusTotal