Back to skill
Skillv2.0.6
VirusTotal security
FOSMVVM Fluent DataModel Generator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:57 AM
- Hash
- f54feb97606f666cf8fcd0654364c1c06f88ba2b6927c6ce29a023684df5adba
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: fosmvvm-fluent-datamodel-generator Version: 2.0.6 The skill is designed for generating Fluent DataModels and instructs the AI agent to analyze project files (e.g., `Package.swift`, existing models, migrations) to understand the codebase, which is expected for its function. However, both `SKILL.md` and `reference.md` explicitly document and provide templates for executing raw SQL queries using `SQLKit` within database migrations. While the examples use `SQLQueryString` with `unsafeRaw` for identifiers, indicating an awareness of SQL injection risks for *fixed* identifiers, the overall capability to generate and execute arbitrary SQL is a high-risk primitive. If the AI agent were to construct these raw SQL queries based on unsanitized user input, it could lead to severe SQL injection vulnerabilities or unauthorized database modifications, classifying this as a significant risky capability.
- External report
- View on VirusTotal