Skill v0.1.3
VirusTotal security
Git-Map · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict: Suspicious (scanned Apr 29, 2026, 4:10 AM)
- Hash: 5c3d9fd65e83795d741ee0bd5c0da95c39cb2884f57f0eb7da09723c07911270
- Source: palm
- Verdict: suspicious
- Code Insight: Type: OpenClaw Skill. Name: gitmap. Version: 0.1.3. The skill is classified as suspicious primarily because of a prompt-injection exposure in `SKILL.md`. The documentation explicitly instructs the OpenClaw agent to "call the CLI directly" for certain `gitmap` operations (e.g., `clone`, `init`), bypassing the skill's defined, parameterized tools. That instruction widens the attack surface: an attacker who can influence the agent's prompt could steer it into running arbitrary shell commands through the `gitmap` CLI, potentially resulting in remote code execution or arbitrary file-system manipulation. Additionally, `tools.py` calls `subprocess.run` with arguments derived directly from user input (e.g., `cwd`, `message`, `branch`) without explicit sanitization. Because it uses `shell=False`, shell metacharacters are not interpreted, but the values remain exposed to argument injection (a value beginning with `-` that the underlying `gitmap` CLI parses as an option, or any flaw in that CLI's own argument parsing), and `cwd` can be pointed at sensitive locations.
- External report: View on VirusTotal
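The `subprocess.run` finding above is worth making concrete, because `shell=False` is often mistaken for a complete fix. The block below is an added example, not code from the gitmap skill or from VirusTotal: the `git` subcommands, the function names and the `/srv/workspace` root are assumptions chosen to illustrate the pattern. It shows the vulnerable shape (agent-supplied `branch` and `cwd` passed straight into argv and `cwd=`) next to validators that reject option-looking positional arguments, malformed ref names, control characters in the commit message, and any working directory that resolves outside an allow-listed root.

```python
"""Argument hygiene for a tool wrapper that shells out with subprocess.run(shell=False).

Hypothetical example: the `git` subcommands, function names and WORKSPACE_ROOT are
assumptions for illustration, not the gitmap skill's own code.
"""
import re
import subprocess
from pathlib import Path

# Assumed allow-listed root; every `cwd` the agent supplies must resolve beneath it.
WORKSPACE_ROOT = Path("/srv/workspace")

# Conservative subset of `git check-ref-format`: alphanumeric start (so never '-'),
# then a limited character set. Anything fancier is rejected rather than escaped.
_BRANCH_CHARS = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]*$")


class UnsafeArgument(ValueError):
    """Raised when an agent-supplied value would change what the CLI does."""


def validate_branch(branch: str) -> str:
    # With shell=False there is no shell to inject into, but a *positional* argument
    # that starts with '-' (e.g. "--force") is still parsed by git as an option.
    if not _BRANCH_CHARS.match(branch):
        raise UnsafeArgument(f"branch {branch!r} has disallowed characters or starts with '-'")
    if ".." in branch or "//" in branch or branch.endswith((".lock", "/", ".")):
        raise UnsafeArgument(f"branch {branch!r} is not a valid ref name")
    return branch


def validate_cwd(cwd: str, root: Path = WORKSPACE_ROOT) -> Path:
    # Join, then collapse '..' and symlinks, then confirm the result is still under root.
    # An absolute `cwd` such as "/etc" replaces the root on join and is caught the same way.
    root = root.resolve()
    resolved = (root / cwd).resolve()
    if resolved != root and root not in resolved.parents:
        raise UnsafeArgument(f"cwd {cwd!r} escapes {root}")
    return resolved


def validate_message(message: str) -> str:
    # The value after "-m" cannot be mistaken for an option, but NUL and other control
    # characters still corrupt or obscure the commit log, so reject them.
    if not message.strip() or any(ord(c) < 32 and c not in "\n\t" for c in message):
        raise UnsafeArgument("commit message is empty or contains control characters")
    return message


def build_checkout_argv(branch: str, cwd: str, root: Path = WORKSPACE_ROOT) -> tuple:
    """Vulnerable shape: subprocess.run(["git", "checkout", branch], cwd=cwd).
    Hardened shape: the same argv, but only after both inputs pass validation."""
    return ["git", "checkout", validate_branch(branch)], validate_cwd(cwd, root)


def build_commit_argv(message: str, cwd: str, root: Path = WORKSPACE_ROOT) -> tuple:
    return ["git", "commit", "-m", validate_message(message)], validate_cwd(cwd, root)


def is_safe_branch(branch: str) -> bool:
    try:
        validate_branch(branch)
        return True
    except UnsafeArgument:
        return False


def is_safe_cwd(cwd: str, root: Path = WORKSPACE_ROOT) -> bool:
    try:
        validate_cwd(cwd, root)
        return True
    except UnsafeArgument:
        return False


def run_git(argv: list, cwd: Path) -> subprocess.CompletedProcess:
    # shell=False keeps metacharacters inert; the validators above handle option injection.
    return subprocess.run(argv, cwd=cwd, shell=False, capture_output=True, text=True, check=True)


if __name__ == "__main__":
    for candidate in ("feature/login", "--force", "main..evil"):
        try:
            print(build_checkout_argv(candidate, "repo"))
        except UnsafeArgument as exc:
            print("rejected:", exc)
```

Note that the check is an allow-list on the value, not an attempt to escape it: inserting `--` before a branch name does not work for `git checkout` (it would turn the argument into a pathspec), so rejecting anything that does not look like a ref is the reliable option. The `cwd` check resolves symlinks only for path components that exist at call time, so it should run immediately before the process is spawned.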
