Back to skill
Skillv1.0.0
VirusTotal security
餐厅推荐交叉验证 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:40 AM
- Hash
- 7edaa270efd3e0d05b4d42ca5da764d43427db0dc327d2a01bea7031956bf8c9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: restaurant-crosscheck Version: 1.0.0 The skill is classified as suspicious due to its reliance on web scraping, which involves several high-risk capabilities. Specifically, `setup.sh` downloads and installs Playwright's Chromium browser (`python3 -m playwright install chromium`), and uses the `--break-system-packages` flag for pip installations, which can interfere with system Python. The `scripts/session_manager.py` script handles persistent login sessions for Dianping and Xiaohongshu by saving browser profile data (including cookies) locally, which, while stated to be for local use and not exfiltrated, involves handling sensitive authentication state. These actions, while necessary for the skill's stated purpose of real-time data fetching, introduce supply chain risks and potential for system interference, without clear malicious intent.
- External report
- View on VirusTotal