Back to skill
Skillv1.0.0
VirusTotal security
Line Client · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:26 AM
- Hash
- d084d81ac88e13c1704e0c6b4a81e2184d8b4c53309f5efeb191de8a97e133d0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: line-client Version: 1.0.0 The skill is classified as suspicious due to several high-risk capabilities, even though no explicit malicious intent is evident. It starts a Node.js server on a local port (18944) for HMAC signing, executes WebAssembly (lstm.wasm) via a JavaScript sandbox, and runs Python scripts as subprocesses (e.g., scripts/qr_login_server.py). The SKILL.md also contains direct instructions for the AI agent to handle sensitive user interactions (e.g., `send_pin_to_user_IMMEDIATELY(pin)`), demonstrating a clear prompt injection attack surface. While these actions are described as necessary for the stated purpose of a LINE client, they introduce significant attack surface and complexity.
- External report
- View on VirusTotal