Back to skill
Skillv1.0.10
VirusTotal security
Agent Brain · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:05 AM
- Hash
- 88856d596226a46385f3db0c6bb6ce542a9c70f27fa3f74bc594be44e0e8dd2a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-brain Version: 1.0.10 The skill bundle is classified as suspicious primarily due to a Server-Side Request Forgery (SSRF) vulnerability in `scripts/brain.py`. While `modules/ingest/SKILL.md` explicitly details robust URL validation to prevent SSRF for the 'ingest' functionality, the `remote_semantic_vector` function in `scripts/brain.py` performs network requests to `AGENT_BRAIN_EMBEDDING_URL` without implementing these crucial validation checks. This discrepancy creates a significant flaw that could allow an attacker to make requests to internal network resources if they can control the `AGENT_BRAIN_EMBEDDING_URL` environment variable. Other potential risks, such as shell injection from agent instructions in `SKILL.md`, are largely mitigated by `scripts/brain.py`'s use of parameterized queries and direct Python file operations. The optional cloud synchronization to `https://api.supermemory.ai/v3/documents` is a documented feature with PII guardrails, not malicious exfiltration.
- External report
- View on VirusTotal