Back to skill
Skillv1.0.0
VirusTotal security
Crypto Fomo Cooldown · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 16, 2026, 1:11 AM
- Hash
- 6cbb22f9ee865aa2f471b30c701ee32b5da06695904078560768defb7018247c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crypto-fomo-cooldown Version: 1.0.0 The handler.py file contains a path traversal vulnerability in the _load_skill_meta function, which constructs a file path using an unsanitized user-provided skill_name. Furthermore, the code uses a hardcoded absolute path referencing a specific local user directory (/Users/jianghaidong/), which is a significant security flaw and highly irregular for a portable skill. While these issues represent critical vulnerabilities, they appear to be unintentional bugs or poor development practices rather than active malware, as no exfiltration logic is present.
- External report
- View on VirusTotal