Back to skill
Skillv0.1.0
VirusTotal security
Crop Image · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:53 AM
- Hash
- 544fd9468ea06914dff8092ed24b007291b61b95e39cbdcb2cdac4dbbdcf1fc7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crop-image Version: 0.1.0 The skill provides instructions for an AI agent to upload local files to an external API (api.imageclaw.net) using curl. While the stated purpose is image cropping, the 'Execute Crop by Upload' instruction in SKILL.md allows for the exfiltration of any local file the agent can access, posing a significant security risk if the agent is misdirected to upload sensitive data like credentials or configuration files.
- External report
- View on VirusTotal