Back to skill
Skillv1.0.0
VirusTotal security
Summary Budget Model And New Script · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 28, 2026, 2:56 AM
- Hash
- 3c7f1f994a9082577e4bd42f580bae360216abfdaa2427a8ac1f3afa22e4243d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: summary-budget-model-and-new-script Version: 1.0.0 The skill bundle is designed to automatically modify and update files in other skill directories (specifically `platform-script-skills` and `BudgetDataModelSkills`) based on conversation history. This cross-skill write capability, detailed in `SKILL.md` and `references/使用说明.md`, is a high-risk behavior that could be exploited via prompt injection to persist malicious code or corrupt data models across the agent's environment. While the intent appears to be productivity-focused knowledge management, the lack of robust sandboxing for these file operations makes it a significant security concern.
- External report
- View on VirusTotal