Back to skill
Skillv1.0.0
VirusTotal security
Web Searcher · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:45 AM
- Hash
- d801eeae8fbabef4ffad268857f920751e2dfe81de9209aafe04871a466aa5e3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: web-searcher Version: 1.0.0 The skill is classified as suspicious due to a vulnerability in `scripts/research_plan.py`. The script directly uses command-line arguments (`sys.argv`) to construct search queries without any sanitization. While the script itself only generates strings and does not execute shell commands, this lack of input sanitization could lead to injection vulnerabilities if the generated search queries are subsequently passed to a `web_search` tool or an agent execution environment that is susceptible to injection via arbitrary query strings.
- External report
- View on VirusTotal