Back to skill
Skillv1.0.0
VirusTotal security
Corespeed Excalidraw Rendering · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 26, 2026, 6:56 PM
- Hash
- c7afd3a6816f6dfe08e81779039e8b927b2f7c3e19cd9d9fa4f15f58da693b48
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: corespeed-excalidraw-rendering Version: 1.0.0 The skill employs a high-risk installation pattern in SKILL.md, using 'curl | bash' to execute a remote script from GitHub (raw.githubusercontent.com/corespeed-io/brow/main/install.sh). While the stated functionality of rendering Excalidraw files and capturing screenshots is plausible, the use of unverified remote code execution for installation and the subsequent automated download of browser binaries ('brow browser install') are significant security risks that lack transparency and auditability.
- External report
- View on VirusTotal