Back to skill
Skillv1.0.1
VirusTotal security
GEO Site Readiness Audit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:47 AM
- Hash
- 0b3fc859ecb1f0f1347971f5838cf5003ccc6b71436a8b5bb3ca173ebc3a2a7b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: geo-site-audit Version: 1.0.1 The skill is classified as suspicious due to its inherent capabilities that, while necessary for its stated purpose, introduce significant security risks if misused. The `scripts/geo_audit.py` file performs arbitrary HTTP/HTTPS requests to user-provided domains, enabling potential Server-Side Request Forgery (SSRF) to probe internal networks or cloud metadata endpoints. Additionally, `scripts/batch_audit.py` writes audit reports to a user-specified output directory, which could lead to unintended file system writes if a malicious path is provided. There is no evidence of intentional malicious behavior like data exfiltration or backdoor installation within the code, but the broad network and file system access based on untrusted input makes it a high-risk capability.
- External report
- View on VirusTotal