Back to skill
Skillv0.1.0
VirusTotal security
Ai Agent Tools · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:59 AM
- Hash
- 57ac5b85c0ca8ab13e477af6b2807021ca2306737c976a46878f2b8193c9d916
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ai-agent-tools Version: 0.1.0 The skill provides general-purpose file system read/write/list capabilities via `FileTools` and `DataTools` in `ai_agent_tools.py`. While these functions are presented as benign utilities, they lack input sanitization or path restrictions, making them vulnerable to abuse. An AI agent susceptible to prompt injection could be instructed to read sensitive files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) or write malicious content to arbitrary locations, potentially leading to information disclosure or remote code execution. There is no evidence of intentional malicious behavior, data exfiltration, or persistence mechanisms within the code or documentation, classifying it as a vulnerability rather than outright malice.
- External report
- View on VirusTotal