Back to skill
Skillv1.0.0
VirusTotal security
OEE Content Humanizer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:56 AM
- Hash
- ebfc575da67dc09906a2f23efb3fdcd1a7380c269a8aaadba315d8e8bc34e8a5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: oee-content-humanizer Version: 1.0.0 The skill is suspicious due to a prompt injection vulnerability in `humanize.py`. User-provided text is directly embedded into the prompt sent to the Claude API without sanitization, allowing an attacker to potentially manipulate the LLM's behavior. While the script makes an expected network call to `api.anthropic.com` for its stated purpose, this vulnerability could lead to unintended LLM outputs or information disclosure. There is no evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints, persistence mechanisms, or direct shell injection.
- External report
- View on VirusTotal