Back to skill
Skillv1.0.1
VirusTotal security
librarian companion · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 28, 2026, 4:18 AM
- Hash
- 0e3351fcf1796a19e7a4f65a91f27c50681fee0680d9ca378dccbd2aebec3cca
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: librarian Version: 1.0.1 The OpenClaw Librarian skill bundle is classified as benign. The `SKILL.md` instructions for the AI agent emphasize 'Hard Stop Protocol' and 'Honest Failures', which are good practices for AI safety and prevent prompt injection for malicious actions. The `librarian.sh` wrapper script, which executes user-controlled commands, uses `printf '%q '` to robustly quote all arguments before passing them to `eval`, effectively mitigating shell injection vulnerabilities. While the skill relies on an external `research.py` script (not provided in this bundle) for its core functionality, the internal components of this skill bundle demonstrate careful design to prevent common injection attacks and do not exhibit any malicious intent or direct vulnerabilities.
- External report
- View on VirusTotal