Back to skill
Skillv3.0.0
VirusTotal security
Medication Reminder · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:00 AM
- Hash
- 9c96a5e0778af90c671a09854256afb319c83e7745729f3777a5f2e483137bd4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: medication-reminder Version: 3.0.0 The script `scripts/script.sh` contains multiple critical shell injection vulnerabilities in the `add`, `take`, and `history` commands because user-supplied arguments (e.g., `$2`, `$3`) are expanded outside of quotes within `echo` and `tail` commands. Additionally, the script contains an unusually large block of empty comments (lines 11–85), which is a common technique used to hide malicious code or bypass simple scanners, although no active payload was found in this specific version.
- External report
- View on VirusTotal