Back to skill
Skillv1.0.0
VirusTotal security
GEO Competitor Scanner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:51 AM
- Hash
- c13b66c181cdffc860a2ddcaf1e341deb70f6e9b99a850e292b9e50c98235f72
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: geo-competitor-scanner Version: 1.0.0 The skill performs legitimate web scraping for GEO analysis using `requests` and `BeautifulSoup`. It fetches public website content and does not exhibit clear malicious intent such as data exfiltration to unauthorized endpoints, persistence mechanisms, or direct remote code execution. However, the `scripts/scan_competitors.py` script is vulnerable to path traversal via the `--output` argument, allowing an attacker to write the generated report to an arbitrary file path (e.g., `../../../../etc/passwd`). This is a significant vulnerability that allows unauthorized file modification, classifying the skill as suspicious rather than benign.
- External report
- View on VirusTotal