Back to skill
Skillv1.0.0
VirusTotal security
TNBC Research Swarm · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:14 AM
- Hash
- fd0830802c492502309a3b1f68bae25d64524c9e9edd5752967bf7fc15b1fd6a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: tnbc-research-swarm Version: 1.0.0 The skill's primary purpose of contributing to scientific research appears benign. However, the `SKILL.md` file defines `curl` commands that incorporate dynamic content (e.g., `[keywords]`, `[topic]`, `[PMID]`) directly into shell commands. This structure presents a significant shell injection vulnerability (potential RCE) if the OpenClaw agent does not rigorously sanitize or escape these placeholders before execution. While there is no evidence of intentional malicious exploitation within the skill itself, the presence of this high-risk capability without clear safeguards makes it suspicious.
- External report
- View on VirusTotal