Back to skill
Skillv1.0.0
VirusTotal security
Crypto Budget Boundary Planner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 15, 2026, 11:46 PM
- Hash
- c437af330cb5123e064e480fa3de9b2986d317b3c76cb23af5e41e7c978cbff0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crypto-budget-boundary-planner Version: 1.0.0 The handler.py file contains a path traversal vulnerability in the _load_skill_meta function, which uses the unsanitized skill_name input to construct a filesystem path. Additionally, the code includes a hardcoded absolute path referencing a specific local user directory (/Users/jianghaidong/), which is highly irregular for a portable skill bundle and contradicts the 'Prompt-only' claim in SKILL.md.
- External report
- View on VirusTotal