Skill v0.2.2
VirusTotal security
Wip 1password Private · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious · Apr 29, 2026, 5:52 AM
- Hash: a93f07d88ef30e2e5627bc5cfebaa495c475220e95d813369fcb660f2c04370b
- Source: palm
- Verdict: suspicious
- Code Insight:
  - Type: OpenClaw Skill
  - Name: wip-1password
  - Version: 0.2.2

  The skill bundle provides 1Password integration for AI agents but contains a critical shell injection vulnerability in `mcp-server.mjs`. The `opExec` function uses `execSync` to execute CLI commands with unsanitized input from tool arguments (`vault`, `item`, `field`), allowing for potential arbitrary command execution. While the main plugin logic in `src/index.ts` safely uses the official 1Password SDK, the presence of this vulnerability in the MCP server component is a significant risk.

  Additionally, the `SKILL.md` and `README.md` files contain prompt-injection-style instructions designed to guide an AI agent through an installation process using a custom `wip-install` command, which is a high-risk pattern despite the inclusion of dry-run and user-consent safeguards.
