Back to skill
Skillv1.0.2
VirusTotal security
Markdown Docs Full-Text Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:35 AM
- Hash
- ad73174b8d1a38b67601b76a3171a42e47051c08c88f7870a862ba2b9d659aa3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: md-docs-search Version: 1.0.2 The skill bundle is designed for local documentation search and indexing, which is a benign purpose. However, it contains several vulnerabilities that make it suspicious. The most critical is a Regular Expression Denial of Service (ReDoS) risk in `scripts/search_docs.py`, where user-supplied search queries are directly compiled and executed as regex patterns, potentially leading to resource exhaustion. Additionally, the FTS5 search in `scripts/fts_search.py` could be vulnerable to Denial of Service via maliciously crafted complex queries, and the `db_path` argument across scripts allows for arbitrary file creation or overwrite, posing a file integrity risk.
- External report
- View on VirusTotal