Back to skill
Skillv1.0.0
VirusTotal security
test · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 11, 2026, 12:21 AM
- Hash
- 79c307238e1e406dc267d1b4918a024a9e2965735a2cdf06a91fe2a03da6ccfa
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agency-evidence-collector Version: 1.0.0 The skill bundle defines a QA agent persona that is instructed to execute shell commands and local scripts for evidence collection. Specifically, AGENTS.md contains a 'Mandatory Process' requiring the execution of a local script `./qa-playwright-capture.sh` against a local endpoint (http://localhost:8000) and performing file system operations like `ls` and `grep` to verify implementations. While these actions are aligned with the stated QA purpose, the use of shell execution and local network access constitutes a risky capability profile that warrants a suspicious classification under the provided criteria.
- External report
- View on VirusTotal