Back to skill
Skillv1.0.0
VirusTotal security
SQL Data Analyst · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:02 AM
- Hash
- d926f14089c9dc55d9f7bdecb1d16bf904c99f4f22d17b658fa3a43676ddbe0e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: fl-sql-analyst Version: 1.0.0 The skill enables an AI agent to execute SQL queries and import CSV data, which are high-risk capabilities involving arbitrary database execution and local file system access. While SKILL.md includes safety instructions such as read-only defaults, environment variable usage for secrets, and local-only data handling, the lack of explicit path validation for CSV imports and the 'auto_execute_select' setting in connections.json present potential vulnerabilities for unauthorized file access or resource exhaustion. These features are aligned with the stated purpose but represent a significant attack surface without clear evidence of malicious intent.
- External report
- View on VirusTotal