Skill v1.0.3
VirusTotal security
Private Web App (PWA) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious · Apr 30, 2026, 4:23 AM
- Hash: dbdd46b5666f847f257682ae06481073cbfedb8af0623cbe7ffdd285617d0c51
- Source: palm
- Verdict: suspicious
- Code Insight
  - Type: OpenClaw Skill
  - Name: privateapp
  - Version: 1.0.3
  - Summary: the skill bundle is classified as suspicious because of several critical findings:
    - Remote Code Execution via app discovery paths. `scripts/server.py` and `scripts/app_loader.py` let users add arbitrary directories as app discovery paths through the `/api/settings/paths` API; Python backend code (`backend/routes.py`) found under such a directory is dynamically loaded and executed.
    - Unauthenticated system power control. `apps/system-monitor/backend/routes.py` exposes `/api/app/sysmon/action/restart` and `/api/app/sysmon/action/shutdown` without authentication; they run `sudo reboot` or `sudo shutdown`, so any network-accessible client can reboot or shut down the host.
    - Supply-chain risk in the installer. `scripts/install.sh` installs Tailscale with `curl -fsSL ... | sh`, a pattern that executes whatever the remote script serves and therefore yields remote code execution if that source script is compromised.
    - Potential Cross-Site Scripting. The custom markdown renderer in `apps/file-browser/frontend/src/App.tsx` uses `dangerouslySetInnerHTML`, which injects rendered markup into the DOM and can allow XSS if the rendered content is not sanitized.
- External report: View on VirusTotal
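The first finding above, the app-discovery-path loader, is worth seeing in code: a loader that imports `backend/routes.py` from any directory a settings caller names executes that file's module body in the server process. The block below is an added example written for this page, not code from the privateapp skill or from the scanner; the function names, the apps-root layout, and the sample `routes.py` are all assumptions. It shows the naive loader beside a path check that only accepts directories resolving directly under a fixed apps root, so a directory the caller merely has write access to is refused before anything is imported.

```python
"""
Added illustration of the user-controlled discovery-path weakness described in
the Code Insight finding, with one hardening. Not the privateapp skill's code;
function names, ALLOWED_APPS_ROOT layout and the sample routes.py are assumed.
"""
import importlib.util
import tempfile
from pathlib import Path

# Constructed sample: the contents an attacker might drop into <dir>/backend/routes.py.
# Importing it runs the module body, which is why discovery paths must not be
# caller-controlled; the assignments stand in for anything (subprocess, sockets...).
ATTACKER_ROUTES_PY = '''
EXECUTED = True          # side effect that proves the module body ran
def register(app):
    app["routes"] = ["/pwned"]
'''


def load_routes_naive(app_dir: str):
    """Vulnerable pattern (assumed shape): import backend/routes.py from whatever
    directory the caller supplied. Whoever can name a directory containing a
    file they wrote gets code execution in the server process."""
    routes = Path(app_dir) / "backend" / "routes.py"
    spec = importlib.util.spec_from_file_location(f"app_{Path(app_dir).name}", str(routes))
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)  # arbitrary code runs here
    return module


def validate_app_dir(app_dir: str, allowed_root: str) -> Path:
    """Hardening: the discovery path must resolve (symlinks followed) to an
    existing directory directly under the fixed apps root, otherwise reject.
    Resolving both sides defeats ../ and symlink escapes."""
    root = Path(allowed_root).resolve()
    candidate = Path(app_dir).resolve()
    if candidate.parent != root:
        raise ValueError(f"app dir {app_dir!r} is outside {root}")
    if not candidate.is_dir():
        raise ValueError(f"app dir {app_dir!r} does not exist")
    return candidate


def load_routes_checked(app_dir: str, allowed_root: str):
    """Load only after the path check passes; same import logic otherwise."""
    return load_routes_naive(str(validate_app_dir(app_dir, allowed_root)))


def demo():
    """Build an attacker-controlled app outside the apps root, then show that
    the naive loader runs its code while the checked loader refuses it.
    Returns (naive_executed, checked_rejected)."""
    with tempfile.TemporaryDirectory() as tmp:
        apps_root = Path(tmp) / "apps"          # the only legitimate location
        apps_root.mkdir()
        evil = Path(tmp) / "uploads" / "evil"   # e.g. a writable upload folder
        (evil / "backend").mkdir(parents=True)
        (evil / "backend" / "routes.py").write_text(ATTACKER_ROUTES_PY)

        naive = load_routes_naive(str(evil))    # module body executed
        try:
            load_routes_checked(str(evil), str(apps_root))
            rejected = False
        except ValueError:
            rejected = True
        return bool(getattr(naive, "EXECUTED", False)), rejected


if __name__ == "__main__":
    print(demo())
```

The path check alone does not close the hole if the settings API itself is reachable by unauthenticated clients, since a caller could still point at a directory under the apps root that it controls; the check limits where code is loaded from, and authentication on `/api/settings/paths` limits who can change that set.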
