Skill v1.0.0
VirusTotal security
XHS Image Gen · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Review: Apr 30, 2026, 6:28 AM
- Hash: 51379b459200bf05dae9b6f779f0f741b9b1a141abc27ed278529cf67e1ab88d
- Source: palm
- Verdict: suspicious
- Code Insight:
  Type: OpenClaw Skill
  Name: xhs-image-gen
  Version: 1.0.0
  The skill bundle contains several high-risk vulnerabilities that could be exploited via prompt injection. Specifically, the rendering scripts (scripts/render_xhs.py and scripts/render_xhs.js) use Playwright to render HTML generated from Markdown without explicit sanitization, and render_xhs.py explicitly supports the 'file://' protocol for the --avatar parameter. This creates a risk of Local File Inclusion (LFI) or SSRF, where an attacker could trick the agent into rendering sensitive local files (e.g., .env, SSH keys) into the generated images. Additionally, render-rex.sh contains hardcoded absolute paths to a specific local user directory (/Users/mo), which is a security oversight.
- External report: View on VirusTotal
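The Code Insight finding describes two render-time gaps: an `--avatar` value that may be a `file://` URL, and Markdown-derived HTML handed to Playwright unsanitized. The block below is an added example of the checks a hardened render step would make; it is not code from the xhs-image-gen skill or from VirusTotal, and the function names, the host blocklist and the sample HTML are assumptions made for illustration. The same URL check is applied to the avatar argument, to `src`/`href` attributes inside the HTML, and (in the optional Playwright wrapper) to every request the browser tries to make, so a `file://` or link-local fetch is refused at each layer.

```python
"""Added example (not part of xhs-image-gen): avatar URL allowlisting and
HTML sanitization before a Playwright render. Names and samples are assumed."""
import html
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
BLOCKED_HOSTS = {"localhost", "metadata.google.internal"}   # assumed blocklist
DROP_TAGS = {"script", "style", "iframe", "frame", "object", "embed",
             "link", "meta", "base", "form"}
VOID_TAGS = {"img", "br", "hr", "input", "source", "link", "meta", "base"}
URL_ATTRS = {"src", "href", "poster", "background", "action", "formaction"}


def is_safe_remote_url(url: str) -> bool:
    """True only for http(s) URLs whose host is not an obvious local target.

    Caveat: a plain hostname is accepted without DNS resolution, so a name
    that resolves (or later rebinds) to 127.0.0.1 still passes; resolve and
    re-check, or fetch the avatar yourself and inline it as a data: URI.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False                      # rejects file:, data:, javascript:
    host = (parts.hostname or "").lower().rstrip(".")
    if not host or host in BLOCKED_HOSTS or host.endswith(".localhost"):
        return False
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return True                       # hostname: see caveat above
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped               # ::ffff:127.0.0.1 -> 127.0.0.1
    return ip.is_global                   # False for loopback/private/link-local


def _attr_ok(name: str, value) -> bool:
    """Drop inline handlers, CSS (url() loads) and URL attrs that fail the check."""
    if name.startswith("on") or name in {"style", "srcset"}:
        return False
    if name in URL_ATTRS:
        v = (value or "").strip()
        return is_safe_remote_url(v) or v.lower().startswith("data:image/")
    return True


class _Sanitizer(HTMLParser):
    """Re-serialises markup, removing active content and unsafe URLs."""

    def __init__(self) -> None:
        super().__init__()
        self.out = []
        self.skip = 0                     # depth inside a dropped element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_TAGS:
            if tag not in VOID_TAGS:
                self.skip += 1
            return
        if self.skip:
            return
        kept = [(n, v) for n, v in attrs if _attr_ok(n, v)]
        rendered = "".join(
            f' {n}="{html.escape(v, quote=True)}"' if v is not None else f" {n}"
            for n, v in kept)
        self.out.append(f"<{tag}{rendered}>")

    def handle_endtag(self, tag):
        if tag in DROP_TAGS:
            if tag not in VOID_TAGS and self.skip:
                self.skip -= 1
            return
        if not self.skip and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data, quote=False))


def sanitize_html(fragment: str) -> str:
    """Return `fragment` with scripts, frames, handlers and unsafe URLs removed."""
    s = _Sanitizer()
    s.feed(fragment)
    s.close()
    return "".join(s.out)


def render_with_route_guard(html_doc: str, out_png: str) -> None:
    """Screenshot sanitized HTML, aborting every browser request that fails
    is_safe_remote_url, so nothing the sanitizer missed can reach local files
    or services. Needs the playwright package; not run by the offline test."""
    from playwright.sync_api import sync_playwright
    with sync_playwright() as p:
        browser = p.chromium.launch()
        page = browser.new_page()
        page.route("**/*", lambda route: route.continue_()
                   if is_safe_remote_url(route.request.url) else route.abort())
        page.set_content(html_doc)
        page.screenshot(path=out_png, full_page=True)
        browser.close()


# Constructed sample input: what a prompt-injected Markdown body might render to.
SAMPLE_HTML = ('<p>Hi <img src="file:///etc/passwd" alt="x">'
               '<img src="https://cdn.example.com/a.png" alt="ok">'
               '<script>alert(1)</script>'
               '<a href="javascript:alert(1)" onclick="x()">link</a></p>')

if __name__ == "__main__":
    for u in ("file:///Users/mo/.ssh/id_rsa", "http://169.254.169.254/",
              "https://cdn.example.com/a.png"):
        print(u, "->", is_safe_remote_url(u))
    print(sanitize_html(SAMPLE_HTML))
```

In the skill's position the `--avatar` value would go through `is_safe_remote_url` before the template is built, the whole Markdown-derived HTML through `sanitize_html`, and the render through a route guard like the one shown; the hostname caveat in the docstring is the remaining gap, closed by resolving the name and re-checking, or by fetching the avatar out-of-band and embedding it as a `data:image/` URI so the browser never fetches anything.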
