Back to skill
Skillv1.1.0
VirusTotal security
Vajra · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:18 AM
- Hash
- b2c8c124d5bafc619b996d6095fc0a82dac18182aeacfa6638f2436c95194ca7
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: vajra Version: 1.1.0 The skill is designed to analyze content via the Vajra API, explicitly stating that user-provided content is sent to `vajra.to`, cached, and results in a public permalink. It transparently warns users not to submit private data. While the `curl` examples could pose a shell injection vulnerability if the AI agent directly executes them with unsanitized user input, this represents a potential flaw in the agent's execution model rather than malicious intent within the skill itself. There is no evidence of data exfiltration beyond the stated purpose, malicious execution, persistence, or deceptive prompt injection against the agent.
- External report
- View on VirusTotal