Back to skill
Skillv1.0.1
VirusTotal security
Policy Lawyer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:21 AM
- Hash
- 1d19c32781e5e57eb93ac100e3c2e512ff95ba06ec41da99b18348791b92bc31
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 2 The `scripts/policy_lawyer.py` script is classified as suspicious due to its `--policy-file` argument, which allows the skill to read arbitrary files from the filesystem. While the `SKILL.md` provides a plausible use case for comparing policies across workspaces, this broad file access capability presents a significant local file read vulnerability, enabling potential information disclosure if exploited. There is no direct evidence of data exfiltration, malicious execution, or prompt injection within the provided files.
- External report
- View on VirusTotal