Back to skill
Skillv1.0.0
VirusTotal security
Visual Prompt Engine · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:12 AM
- Hash
- 24919f78558f8c8d0dbc629b220b28034f724fb415bd04af327a4a0de76cdbf8
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: visual-prompt-engine Version: 1.0.0 The OpenClaw AgentSkills skill bundle 'visual-prompt-engine' is classified as benign. All code and documentation are aligned with the stated purpose of generating diverse image prompts using visual references. The Python scripts (`scrape_dribbble.py`, `style_card.py`) perform legitimate web scraping (from Dribbble) and local file operations within the skill's data directory. Instructions in `SKILL.md` and `references/*.md` guide the AI agent to read local files and compose prompts, without any evidence of prompt injection designed to subvert the agent's core function, exfiltrate data, establish persistence, or execute unauthorized commands. While a general vulnerability for path traversal exists if an agent were to pass unsanitized user input to script arguments like `--output` or `--import-file`, the skill itself does not construct or instruct the use of such malicious paths, making it a vulnerability of the agent's execution environment rather than an intentional malicious act by the skill.
- External report
- View on VirusTotal