Back to skill
Skillv0.1.5
VirusTotal security
Seo Content Brief · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:41 AM
- Hash
- 8f55bf4514611bfaa846b21a4ef43c116edcc53aa8502e5a5fd8de07dee3a124
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: seo-content-brief Version: 0.1.5 The skill bundle is classified as suspicious primarily due to the `curl -fsSL https://cli.inference.sh | sh` instruction present in the `SKILL.md` file. While the `allowed-tools: Bash(infsh *)` permission prevents the AI agent from directly executing this command, it remains a high-risk instruction for any user (human or agent with broader permissions) to follow, representing a potential supply chain vulnerability if `cli.inference.sh` were compromised. Although the skill provides an explanation and manual verification options, the inclusion of this method for installing a dependency is a significant risky behavior, even without clear malicious intent from the skill itself.
- External report
- View on VirusTotal