Back to skill
Skillv1.0.1
VirusTotal security
my_send_email · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:05 AM
- Hash
- 3b5b2fd3faea516db5f315e6a2b224fa8dd5e865156a15ecee1ad95b74b4877e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mysendemail Version: 1.0.1 The skill bundle contains hardcoded plaintext credentials (password: 'A5b3C3D6!') for a corporate SMTP account (ai_assistant@cloudtrend.com.cn) in the send_mail.py script. While the script's logic aligns with its stated purpose of sending emails, the inclusion of sensitive credentials in the source code is a significant security risk that could lead to unauthorized use of the email account.
- External report
- View on VirusTotal