Back to skill
Skillv1.0.0
VirusTotal security
Abstract Searcher · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:59 AM
- Hash
- 57fea19b1bfd356c5f859d9dec50f777dde6339bb82f92971ae8bc0acae7ff9b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: abstract-searcher Version: 1.0.0 The `SKILL.md` file explicitly instructs the AI agent to use the user's Chrome browser profile (`profile=chrome`) for web automation, granting it access to the user's logged-in sessions, cookies, and potentially sensitive data within those sessions. While the stated purpose of fetching academic abstracts is benign, this capability represents a significant privilege escalation for the agent and a high-risk attack surface for potential prompt injection or misuse, as it allows the agent to act as the user within their browser environment. The Python script (`scripts/add_abstracts.py`) itself is benign, performing standard API calls to legitimate academic databases without any malicious code.
- External report
- View on VirusTotal