Back to skill
Skillv1.0.0
VirusTotal security
article-link-skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 12, 2026, 8:26 AM
- Hash
- c1db46c4245814f18bf62f825902f4d6186f16195f6fb08c2d9c5b061996bb05
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: article-link-skill Version: 1.0.0 The skill bundle provides a tool for extracting paywalled articles via the pick-read.vip API. The primary concern is in `scripts/article_link.py`, which intentionally disables SSL certificate verification (`ssl.CERT_NONE`) and bypasses system proxies. This creates a significant security vulnerability (MITM risk) that could lead to the theft of the user's `import_token` or other sensitive data. While the code lacks overt malicious intent and follows its stated purpose, the inclusion of high-risk security bypasses warrants a suspicious classification.
- External report
- View on VirusTotal