Back to skill
Skillv1.0.0
VirusTotal security
Anspire Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 9, 2026, 6:21 AM
- Hash
- bdb8111c049387458740faff27a56dd86b368ad74bf07e4b4149be7717f0f7f3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: anspire-ai-search Version: 1.0.0 The skill bundle provides web search functionality via the domain plugin.anspire.cn, but contains high-risk instructions in SKILL.md that direct the AI agent to perform automated system modifications. Specifically, it instructs the agent to modify shell configuration files (~/.zshrc, ~/.bashrc) and use 'setx' on Windows to persistently store API keys. While intended for setup convenience, modifying shell profiles is a classic persistence mechanism and poses a significant security risk if the agent is manipulated. Furthermore, the instructions use aggressive prompt-injection language to force the agent to prioritize this skill over all other search methods.
- External report
- View on VirusTotal