Back to skill
Skillv1.0.0
VirusTotal security
memory-system · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:28 AM
- Hash
- fd3b1985d6f240208f502a8e4daac56bafec603e22b5b92fe945c58326b7dd74
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclow-memory Version: 1.0.0 The skill bundle contains significant security vulnerabilities, specifically SQL and shell injection risks in `scripts/memory_manager.py` and `scripts/memory_search.py`. These scripts construct command-line strings for `psql` using f-strings and unsanitized file content or user input, which could be exploited if the agent processes untrusted data. While the behavior aligns with the stated purpose of local memory management and no evidence of intentional exfiltration or remote backdoors was found, the poor security practices and hardcoded local environment details (user 'damien') warrant a suspicious classification.
- External report
- View on VirusTotal