Skill v0.1.0
VirusTotal security
agos claw chat · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious · Apr 29, 2026, 4:29 AM
- Hash: fa5c710ad26fb9861851553db57f9b99954c2349bbff6ce022975d806e3ed526
- Source: palm
- Verdict: suspicious
- Code Insight: Type: OpenClaw Skill; Name: agos-claw-chat; Version: 0.1.0. The skill is suspicious due to the use of `subprocess.run(..., shell=True, ...)` in `connector.py` to execute a user-provided `agent-cmd`. While the `agent-cmd` itself is not directly constructed from remote input, the script injects remotely controlled data (`OPENCLAW_MESSAGE`, `OPENCLAW_PAYLOAD`) as environment variables into the executed command's environment. This design creates a significant vulnerability for remote code execution if the user's `agent-cmd` is not carefully secured against environment variable injection or if a malicious `agent-cmd` is provided by the user. The `SKILL.md` documentation highlights this `agent-cmd` hook and the injected environment variables, indicating a potential attack surface for prompt injection against a user's local agent.
