Back to skill
Skillv1.5.0
VirusTotal security
码虫日报补课系统 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 20, 2026, 1:56 PM
- Hash
- 457a4299cdd82ee4347310288d37c7c6e21fc533cfe52c99170b9086d1249cda
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: daily-report-catchup Version: 1.5.0 The skill bundle contains logic designed to suppress security warnings and bypass execution restrictions. Specifically, 'skills.sh' explicitly filters out 'symlink-escape' and 'escaped skill path' warnings from the OpenClaw CLI output, which could hide legitimate security risks from the user. Additionally, 'catch-up.sh' provides instructions on how to bypass 'exec pre-check' mechanisms using absolute paths. The scripts also rely on hardcoded absolute paths to a specific user's home directory ('/home/colbert/'), which is a privacy and portability concern, though not inherently malicious.
- External report
- View on VirusTotal