Back to skill
Skillv1.0.0
VirusTotal security
Local Memory Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:34 AM
- Hash
- cbcc6a7fa1b04d42125892d6834e9b5f7ef6fa05edc8d477c527bc161575e30c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: local-memory-search Version: 1.0.0 The skill is classified as suspicious due to a potential Remote Code Execution (RCE) vulnerability in `search.py`. The script uses `subprocess.run(['ollama', 'embed', EMBEDDING_MODEL, text])` to execute an external command, passing user-controlled input (`text` derived from file content or query) directly as an argument. While `subprocess.run` with a list is generally safer, it still presents a command injection risk if the `ollama` CLI tool itself has argument parsing vulnerabilities. There is no evidence of intentional malicious behavior like data exfiltration to external endpoints or backdoor installation; the network calls are limited to `localhost` for the Ollama service.
- External report
- View on VirusTotal