Back to skill
Skillv0.1.0
VirusTotal security
Prayer Times - Automated Salat Reminders · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:41 AM
- Hash
- aa96ea6af17748de01e4c5721ea7c93c2843a02bd1140a0baa7fec2b33cd94e2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: muslim-prayer-reminder Version: 0.1.0 The skill's core functionality (fetching prayer times, setting reminders) is benign, utilizing a known API (api.aladhan.com) and local file operations. However, the `CRITICAL_SETUP.md` and `references/setup-reminders.md` files contain strong prompt injection directives, instructing the AI agent to perform autonomous, persistent, and high-priority actions (e.g., creating/managing cron jobs, verifying system state, recreating components 'immediately - don't wait, don't ask') without explicit user confirmation. Additionally, `SKILL.md` and `README.md` include `sudo` commands for installing Cloudflare WARP, which, while intended for troubleshooting network connectivity, represent a high-privilege action that could be exploited if the agent is prompted to execute it without proper user consent. These elements indicate significant vulnerabilities in agent autonomy and privilege, though without clear evidence of intentional malicious behavior.
- External report
- View on VirusTotal