Back to skill
Skillv1.0.0
VirusTotal security
cors-scanner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 11, 2026, 3:11 AM
- Hash
- af81867176c0d761d368e49056e23c576d18cfed099b96bab019b8d4a5c0819d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cors-scanner Version: 1.0.0 The cors-scanner bundle provides a functional tool for auditing CORS misconfigurations, but the core script (scripts/cors_scan.py) contains a significant security vulnerability by explicitly disabling SSL certificate verification (ssl.CERT_NONE). While this is often done in security tools to facilitate testing of development environments, it exposes the agent to Man-in-the-Middle (MitM) attacks. Per the analysis criteria, this unintentional vulnerability warrants a suspicious classification despite the lack of clear malicious intent or data exfiltration.
- External report
- View on VirusTotal