Back to skill
Skillv1.1.1
VirusTotal security
agentrelay · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:23 AM
- Hash
- f2f73e16adf11a1aed7ec0d55993bea959591b66784bf125e1a0e491d01d440c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentrelay Version: 1.1.1 The skill contains significant path traversal vulnerabilities in the `resolve_alias` and `agentrelay_update_file` functions within `__init__.py`. These flaws allow an attacker to craft a protocol message that tricks the agent into reading or overwriting arbitrary JSON files on the system by manipulating the file pointer (`ptr`) or `event_id` fields. Furthermore, the `SKILL.md` instructions use forceful language to compel the AI agent to immediately execute these commands upon seeing specific trigger patterns, creating a high-risk 'confused deputy' scenario where the agent could be used to exfiltrate or corrupt data.
- External report
- View on VirusTotal