Back to skill
Skillv2.1.0
VirusTotal security
Ontology Mapper · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:31 AM
- Hash
- 7626cbd219d93b5c6c7cecdffb67a8a5556f4eae68ae40242c8de6823ab7bb9a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ontology-mapper Version: 2.1.0 The skill's Python code in SKILL.md is benign, performing ontology mapping without any direct file system, network, or shell interactions. However, the `claw.json` manifest requests `filesystem` permission. While the `instructions.md` implicitly justifies this permission by mentioning handling 'file paths' for input and offering 'export to Excel/CSV/JSON' for output (implying the agent will perform file I/O around the skill's core logic), this broad permission represents a significant attack surface. If the AI agent were vulnerable to prompt injection, this permission could be abused to read or write arbitrary files, classifying it as a vulnerability and thus 'suspicious' rather than 'benign'.
- External report
- View on VirusTotal