Back to skill
Skillv1.0.2
VirusTotal security
openlesson · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:29 AM
- Hash
- 8d48f5524b1eed150af4f421937cb543d0da540b087e874ef075222e77b91a8f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: open-lesson Version: 1.0.2 The skill is classified as suspicious due to a prompt injection risk identified in `skill.md`. The documentation explicitly states under 'Credentials' that the skill 'does NOT create actual calendar events' and that 'Reminders' are 'behavioral, not a technical integration.' However, under 'Tips for Agents,' it directly instructs the AI agent to 'Create calendar events or reminders for each session.' This contradiction could lead the agent to attempt to create calendar events using other tools or APIs it might have access to, potentially exceeding the intended scope of this skill or performing unauthorized actions, even though the skill itself lacks the technical capability for calendar integration.
- External report
- View on VirusTotal