Back to skill
Skillv0.1.0
VirusTotal security
Elevenlabs Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:39 AM
- Hash
- 5fe7047932e0e97dbd5691a9f5ca455894e2339a66a807aee5a9882d6e1f86d5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-skill-elevenlabs-pro Version: 0.1.0 The `scripts/elevenlabs.py` file contains a path traversal vulnerability. The `output` argument, which specifies the output MP3 file path, is not sanitized, allowing an attacker to potentially write files to arbitrary locations on the file system (e.g., `../../../../tmp/malicious.mp3`). This is a critical vulnerability that could lead to unauthorized file modification or creation, but it does not demonstrate clear malicious intent such as data exfiltration to an attacker-controlled server or the installation of backdoors. No prompt injection attempts were found in `SKILL.md`.
- External report
- View on VirusTotal