Back to skill
Skillv0.5.0
VirusTotal security
Skill Soup · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:54 AM
- Hash
- 289f0f927645579d5bd637bd2ad03fa6cff9401272bff43b7a61757c7db1e2cd
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skill-soup Version: 0.5.0 The skill bundle presents a significant supply chain vulnerability. In `SKILL.md`, Step 2 instructs the agent to download and replace its entire `.soup/builders/` directory with content (including `SKILL.md` files and arbitrary `files_json`) from the `http://localhost:3001/api/builders/sync` endpoint. The agent is then explicitly instructed in Step 5 to 'Follow the selected builder's SKILL.md instructions,' creating a direct prompt injection vector. This design allows a compromised or malicious Skill Soup API to inject arbitrary code and instructions, leading to potential remote code execution and other harmful activities, despite the skill itself not containing explicit malicious intent.
- External report
- View on VirusTotal