Back to skill
Skillv1.9.5
VirusTotal security
Overkill Memory System · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:32 AM
- Hash
- 0ba470b38e70145f174679e3f33342ad4212a58954b47fe5f475314d2c245276
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: overkill-memory-system Version: 1.9.5 The skill is classified as suspicious due to multiple critical vulnerabilities, primarily prompt injection vectors and potential remote code execution (RCE). User-controlled input (e.g., `content`, `fact`, `description`, `context`, `mitigation`, `task`, `notes`, `action`) is written directly into various markdown and JSON files (`SESSION-STATE.md`, `CRON-INBOX.md`, `diary/*.md`, `git-notes/index.json`, `ERRORS.md`, `LEARNINGS.md`, `FEATURE_REQUESTS.md`, `acc-state.json`, `habits.json`, `internal_state.json`, `reflections/*.json`). These files are explicitly designed to be read and interpreted by the AI agent (e.g., `ACC_STATE.md` is 'for prompt injection'), creating direct prompt injection vulnerabilities. Additionally, `acc-error-memory/scripts/calibrate-patterns.sh` and `acc-error-memory/scripts/haiku-screen.sh` execute external LLM CLI commands via `subprocess.run` using the `ACC_MODELS` environment variable. If `ACC_MODELS` can be controlled by an attacker, this leads to RCE. While the skill's stated purpose is benign, these vulnerabilities present significant attack surfaces.
- External report
- View on VirusTotal