Back to skill
Skillv1.0.0
VirusTotal security
Memory Management (PARA) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:55 AM
- Hash
- 39f1c2ffb2c14aeb1b0b99d12769e268be8ac320a77170863a01504a55bdb407
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: memory-para Version: 1.0.0 The skill is designed to process daily logs (`YYYY-MM-DD.md`) and update the agent's core configuration and memory files (`USER.md`, `SOUL.md`, `TOOLS.md`, `IDENTITY.md`, `PROJECTS.md`, `AREAS.md`, `RESOURCES.md`, `MEMORY.md`) as described in `SKILL.md`. This process, which involves extracting 'preferences,' 'lessons,' and 'configurations' from potentially untrusted log input and writing them to sensitive files that define the agent's behavior, creates a significant prompt injection vulnerability. An attacker who can control the content of these daily logs could potentially manipulate the agent's core directives or access parameters. However, the skill itself does not contain explicit malicious commands or intent, classifying it as a vulnerability rather than intentional malware.
- External report
- View on VirusTotal