Back to skill
Skillv1.0.2
VirusTotal security
anydocs - Generic Documentation Indexing & Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:34 AM
- Hash
- c439da0032d1ead1b0165d761409901cfa6ebcac5f6c90e7a11fc8c119c12d13
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: anydocs Version: 1.0.2 The skill is classified as suspicious due to its high-risk capabilities and potential vulnerabilities, despite implementing several security controls. The primary indicators are the browser rendering functionality (via OpenClaw gateway or Playwright) in `lib/scraper.py`, which allows remote control of a browser to fetch and execute JavaScript on arbitrary (though HTTPS-enforced and profile-validated) URLs. While this is an intended feature with explicit warnings and security measures (e.g., HTTPS-only, token requirement), it presents a significant attack surface if misused or if underlying controls are bypassed. Additionally, the `setup.sh` script uses `pip install --break-system-packages`, which can compromise system integrity if not understood by the user (though it includes warnings), and the `lib/indexer.py` allows user-supplied regex queries, posing a potential ReDoS vulnerability. There is no clear evidence of intentional malicious behavior such as data exfiltration, unauthorized persistence, or stealth.
- External report
- View on VirusTotal