Back to skill
Skillv0.0.5
VirusTotal security
visual-understanding · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:05 AM
- Hash
- bb517ca5c919457a943c4fd3b1241f413b168b893684a014860101c5f6188a0c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: visual-understanding Version: 0.0.5 The skill demonstrates functionality involving local file system access (reading image files via `os.path.exists` and `open()` in `skill.md`) and making network requests (via `zai` SDK and `curl` to `open.bigmodel.cn`). While these capabilities are necessary for the skill's stated purpose of image processing, they introduce risky operations. If the OpenClaw agent were to execute these code examples with untrusted or unsanitized user input for file paths or URLs, it could lead to vulnerabilities such as arbitrary file reading (path traversal) or Server-Side Request Forgery (SSRF). This constitutes a significant risk if not handled securely by the consuming agent, classifying it as suspicious due to these risky capabilities without clear malicious intent within the skill itself.
- External report
- View on VirusTotal