Back to skill
Skillv1.0.1
VirusTotal security
Text Transform · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:02 AM
- Hash
- b6312d7bb493fb9ac27911e2012a83f3c98df7656cbd9140f637d727eb2e120f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: text-transform Version: 1.0.1 The skill is classified as suspicious due to its core functionality of sending arbitrary text input to an external, third-party API (https://text.agentutil.net) for processing. While the SKILL.md includes explicit instructions for the AI agent to ask for user permission and avoid sending sensitive data, these are prompt-based safeguards that can potentially be bypassed by a malicious prompt injection against the agent, leading to unauthorized data exfiltration. The reliance on an external service also introduces a supply chain risk.
- External report
- View on VirusTotal