Back to skill
Skillv1.1.0
VirusTotal security
Idea Storm · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:53 AM
- Hash
- 622ab894e30aba7a5be3ad01107bd7d45cb664335b254e78fa2abab2a0a5bbf2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: idea-storm Version: 1.1.0 The skill is classified as suspicious due to several high-risk vulnerabilities, primarily shell injection within the Docker sandbox and direct access to sensitive API keys. The `scripts/run-sandbox.sh` script directly embeds the `$PROMPT` variable into a `bash -c` command, allowing for arbitrary command execution inside the Docker container if the prompt is not properly sanitized. Additionally, the skill explicitly accesses sensitive API keys/tokens from `openclaw.json` and environment variables (e.g., `ANTHROPIC_AUTH_TOKEN`, `NOTION_TOKEN`) for its operations. While these actions are intended for the skill's stated purpose (using Claude Code and Notion), they represent significant attack surfaces. There is no clear evidence of intentional malicious behavior like unauthorized data exfiltration, persistence, or remote control.
- External report
- View on VirusTotal