Back to skill
Skillv1.0.0
VirusTotal security
google-search-wsl · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 21, 2026, 6:51 AM
- Hash
- d54467ce0390705d27afa236b4bd8f727098d16f34d07b3dc77d5645f33c92b1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: google-search-wsl Version: 1.0.0 The skill configures Google Chrome with the `--remote-allow-origins='*'` flag in `scripts/google-search-chrome.sh`, which is a security vulnerability that allows any website visited in that browser to potentially interact with the Chrome DevTools Protocol (CDP) on port 9222. While this configuration is often used to facilitate automation, it creates a significant attack surface for cross-site exploitation. The script and instructions in `SKILL.md` otherwise appear aligned with the stated purpose of enabling web searches within a WSL environment.
- External report
- View on VirusTotal