Back to skill
Skillv7.0.0
VirusTotal security
RePrompter · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:06 AM
- Hash
- 173cf730a4e8ec6f1465800c5f77a326fd13bc7a284aa44cad2cda83175d8583
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: reprompter Version: 7.0.0 The skill is classified as suspicious due to its extensive use of high-risk capabilities, specifically direct shell command execution via `tmux` and OpenClaw's `sessions_spawn` in `SKILL.md`. While these are intended for legitimate agent orchestration (e.g., `tmux new-session`, `tmux send-keys`, `ls`, `tmux kill-session`), the reliance on placeholders like `{session}`, `{taskname}`, `{domain}`, and `/path/to/workdir` creates a significant shell injection vulnerability if user input is not rigorously sanitized by the OpenClaw platform or the skill's internal logic. There is no evidence of intentional malicious exploitation (e.g., data exfiltration, persistence), but the inherent risk associated with these capabilities prevents a 'benign' classification.
- External report
- View on VirusTotal