Back to skill
Skillv3.0.0
VirusTotal security
Schema Builder · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:48 AM
- Hash
- 985f52700874329402f138a50c973b6375c4f12bbe950780185008946fd2ca09
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: schema-builder Version: 3.0.0 The skill bundle contains a shell injection vulnerability in `scripts/script.sh` within the `cmd_validate` function, where the second argument is used unquoted in a shell command (`[ -f $2 ]`), allowing for arbitrary command execution if a malicious filename is provided. Furthermore, `scripts/script.sh` is poorly implemented with broken variable interpolation (using single quotes for shell variables) and contains a large block of empty comment lines, a technique often used to hide malicious code from quick visual inspection. While no explicit evidence of data exfiltration or intentional malice was found, the combination of critical vulnerabilities and suspicious coding patterns warrants a suspicious classification.
- External report
- View on VirusTotal