Back to skill
Skillv1.0.2
VirusTotal security
UI Element Ops · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:40 AM
- Hash
- aba1c5ec49430fd29ba000997de9c366d09c97e9693e945d581273a5ff36a0be
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ui-element-ops Version: 1.0.2 The skill is classified as suspicious due to a critical shell injection vulnerability in `scripts/operate_ui.py`. The `cmd_wait` function executes an optional `--refresh-cmd` using `subprocess.run(cmd, shell=True)`. If an AI agent (or an attacker via prompt injection) can control the value of `--refresh-cmd`, it could lead to arbitrary code execution. Additionally, the script allows disabling `pyautogui.FAILSAFE`, which removes a safety mechanism during UI automation, increasing risk. The skill also relies on cloning external repositories (GitHub) and downloading models (HuggingFace), introducing supply chain risks, though these sources are generally reputable.
- External report
- View on VirusTotal