Back to skill
Skillv1.0.0
VirusTotal security
Draw Images By Apiyi · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:45 AM
- Hash
- a1dd59d9ce00b222d1da8735171fe46c1ebe8125b15d970dcff5e59d9584fac2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: draw-images-by-apiyi Version: 1.0.0 The skill allows writing images to arbitrary absolute paths specified by the `--filename` argument in `scripts/generate_image.py`, as documented in `SKILL.md`. While this functionality might be intended for flexibility, it introduces an arbitrary file write vulnerability. An AI agent, if compromised or maliciously prompted, could be instructed to overwrite or create files in sensitive system locations, potentially leading to denial of service, privilege escalation, or other system compromise. There is no evidence of intentional malicious behavior by the skill itself, but this capability poses a significant security risk.
- External report
- View on VirusTotal