Back to skill
Skillv1.7.8
VirusTotal security
Siyuan Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:35 AM
- Hash
- 5b714b77b71e3c0d34e596a67e41747e107683515e3e738fd7f038caca263483
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: siyuan-skill Version: 1.7.8 The siyuan-skill bundle is a legitimate CLI tool for interacting with the Siyuan Notes API. It features a well-structured codebase with explicit security implementations, including a notebook-level permission system (utils/permission.js), multi-layered delete protection (utils/delete-protection.js), and SQL injection mitigation for search queries (lib/search-manager.js). The documentation in SKILL.md specifically instructs the AI agent to respect safety configurations and avoid unauthorized modifications. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; all network activity is directed to user-configured local or private endpoints (Siyuan API, Qdrant, and Ollama).
- External report
- View on VirusTotal