Skill v1.2.0
VirusTotal security
Issue Prioritizer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious · Apr 29, 2026, 3:34 AM
- Hash: 7aa5003b46bfa04eee9142552e3eaac2ba6fc94a8463157dcee73804ef11b807
- Source: palm
- Verdict: suspicious
- Code Insight: Type: OpenClaw Skill; Name: issue-prioritizer; Version: 1.2.0. The skill is designed for benign GitHub issue prioritization and explicitly states it is 'read-only' multiple times. The instructions provided to the agent and sub-agents only utilize read-only GitHub CLI commands (`gh issue list`, `gh pr list`). However, the `commands/issue-prioritizer.md` file's `allowed-tools` section grants the agent `Bash(gh api*)` permission. The `gh api` command can be used to perform arbitrary authenticated GitHub API calls, including write operations (e.g., creating issues, comments, or deleting repositories), which contradicts the skill's stated read-only nature. This over-permissioned tool grant creates a potential prompt injection vulnerability, allowing a malicious user prompt to instruct the agent to perform unauthorized write actions, despite the skill's intended purpose. There is no evidence of intentional malicious behavior within the skill's own instructions or code, classifying this as a significant vulnerability rather than malware.
