Back to skill
Skillv1.1.3
VirusTotal security
Openclaw Optimizer Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:35 AM
- Hash
- 402dbff586e4f8ec76f72f2f5ed219f88e86d8c42fd8fa5b54c243604ccf6dd2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-optimizer-pro Version: 1.1.3 The skill bundle provides legitimate optimization and security hardening utilities for OpenClaw, but contains high-risk instructions and a code vulnerability. Specifically, SKILL.md includes a verification command that uses eval() to parse configuration files, which could lead to arbitrary code execution. Furthermore, it instructs the AI agent to perform high-risk actions (executing scripts, modifying code, and reading files) autonomously without user confirmation ('Do directly, no need to confirm'), and recommends elevating the agent's tool profile to 'full,' significantly increasing the potential impact of a prompt injection attack.
- External report
- View on VirusTotal