Back to skill
Skillv1.2.0
VirusTotal security
Siphonclaw Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:57 AM
- Hash
- 2ad3772417ad5ca5948d8c8f82430876f6eae8a352f55d191d24064c13fce935
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: siphonclaw Version: 1.2.0 This skill is classified as suspicious due to several high-risk capabilities and setup instructions. The `SKILL.md` and `README.md` both instruct users to execute a remote script via `curl -fsSL ... | sh` during setup, which is a significant Remote Code Execution (RCE) risk. Furthermore, the `siphonclaw_ingest` and `siphonclaw_identify` tools accept absolute `file_path` and `image_path` parameters, respectively, allowing an agent to potentially access and process arbitrary local files. The skill also supports ingesting content from arbitrary URLs (`url_loader.py`), posing a Server-Side Request Forgery (SSRF) risk. These capabilities, while potentially aligned with the stated purpose of document intelligence, create significant prompt injection vulnerabilities for local file disclosure and internal network access if an agent is maliciously prompted.
- External report
- View on VirusTotal