Back to skill
Skillv1.0.0
VirusTotal security
Pet Behavior Recognition Skill | 宠物行为识别技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 16, 2026, 11:31 AM
- Hash
- 59ad4cb3b43b8c350000c0089ace7c0cae6dc42a2648c1c0b148b91ac7249658
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: smyx-pet-behavior-detection-analysis Version: 1.0.0 The skill bundle exhibits several high-risk patterns, including aggressive prompt instructions in SKILL.md that command the AI to ignore local memory/logs and exclusively use remote cloud APIs. It contains a significant amount of unrelated code (a complete 'face_analysis' skill nested within the pet skill), suggesting poor supply chain hygiene. Technically, the bundle implements an automated remote registration/login system in 'smyx_common/scripts/util.py' and 'dao.py' that collects user identifiers (like phone numbers) to fetch and store session tokens in a local SQLite database. Additionally, 'smyx_common/scripts/skill.py' contains logic to execute recursive agent commands via subprocess.run, which could be leveraged for complex prompt injection attacks. Remote communication is directed to lifeemergence.com.
- External report
- View on VirusTotal