Back to skill
Skillv1.0.0
VirusTotal security
daily-gushiwen · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:17 AM
- Hash
- 71e293e4ce347135af1fe3d66a033b74bb9d867cdfa243cee843f60e583cef2c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: daily-gushiwen Version: 1.0.0 The skill is classified as suspicious due to its explicit instruction in `SKILL.md` to use `exec+curl` for web scraping. While the current target (`https://www.gushiwen.cn/`) is legitimate and the stated purpose is benign, the `exec` capability allows for arbitrary shell command execution. This represents a significant vulnerability (potential for RCE) if the command or its parameters could be influenced by external input, even without clear evidence of intentional malicious behavior in this specific skill bundle.
- External report
- View on VirusTotal