Back to skill
Skillv0.0.1
VirusTotal security
toolguard-daemon-control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:55 AM
- Hash
- c702cb1b3d5e669c0140ed1fed2cc6de77f06e759d49881502cf0926bd4517c0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: toolguard-daemon-control Version: 0.0.1 The skill is classified as suspicious due to a critical shell injection vulnerability in `scripts/install.sh`. The line `WORKDIR=$(eval echo "$WORKDIR")` allows arbitrary command execution if an attacker can control the `--workdir` argument, leading to a remote code execution (RCE) risk during the skill's installation process. While the skill's primary function of managing launchd services is legitimate, this specific flaw makes it dangerous. There is no evidence of intentional malicious behavior like data exfiltration or backdoor installation by the skill itself, but the vulnerability is severe.
- External report
- View on VirusTotal