Back to skill
Skillv1.0.1
VirusTotal security
goods-images · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:42 AM
- Hash
- 508c5283941d9ef3f1e34d266b549149844553c9f4509f5161441517bd73def8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: goods-images Version: 1.0.1 The skill bundle 'goods-images' uses the 'run_command' tool to install the 'Pillow' library and execute a Python script for image processing. While these actions are plausibly needed for the stated purpose of generating e-commerce images with text overlays, the use of arbitrary shell execution and package installation represents a high-risk capability. No evidence of malicious intent, such as data exfiltration or backdoors, was found in SKILL.md or _meta.json.
- External report
- View on VirusTotal