Back to skill
Skillv1.0.1
VirusTotal security
critical-disease-review · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 7:09 AM
- Hash
- a984b69e42863de30ff83008522a7e0f2ff7593bb5603a75a6cf13364d1ea67e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: critical-disease-review Version: 1.0.1 The skill sends sensitive medical record data to a remote API (shangbao.yunzhisheng.cn) for insurance claim assessment. While this is its stated purpose, it is classified as suspicious because the SKILL.md documentation explicitly claims 'strict de-identification' is performed before transmission, yet the provided code in scripts/major_disease_assess.py lacks any de-identification logic and simply forwards the input data. Additionally, there is a discrepancy between the internal IP address (10.10.20.15) mentioned in the documentation and the public domain used in the actual script.
- External report
- View on VirusTotal