Back to skill
Skillv1.0.2
VirusTotal security
Iso42001 Aims Readiness · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 5:53 AM
- Hash
- 7cf0974e582096beb91d326d609a03da37735e30cc55c23ba1ff43b830cd13fa
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: iso42001-aims-readiness Version: 1.0.2 The skill contains a potential command injection vulnerability in `SKILL.md` by instructing the AI agent to construct a `curl` command using unsanitized user-provided inputs (e.g., organization name and industry). Additionally, the `scripts/test-api.sh` file uses `curl -sk`, which insecurely disables SSL certificate verification. While the skill's functionality is aligned with its stated purpose of ISO 42001 assessment via the `portal.toolweb.in` API, these implementation flaws represent significant security risks.
- External report
- View on VirusTotal