Back to skill
Skillv1.1.2
VirusTotal security
Teleskopiq · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:50 AM
- Hash
- 20030a3174ee6924ef9e2f588a36715a82ea066dfe1ad747f2b4933e28a15465
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: teleskopiq Version: 1.1.2 The skill is classified as suspicious due to a potential prompt injection vulnerability against the OpenClaw agent. The `SKILL.md` file instructs the agent to "Include the output in your writing context" after executing the `get-style` command. This command, implemented in `scripts/teleskopiq.py`, fetches a style profile from the external `teleskopiq.com` API. If the external API were compromised or malicious, it could inject executable instructions into the style profile, which the OpenClaw agent might then interpret and execute without sanitization, leading to unauthorized actions. While this is a vulnerability in the OpenClaw agent's design rather than direct malice from this skill, the skill facilitates this risky data flow.
- External report
- View on VirusTotal