Back to skill
Skillv0.1.2
VirusTotal security
Mini Diary · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:22 AM
- Hash
- f72ec15f664860a8039219ff488b7a1144e4c7233ddebe508d6731ede46ff98f
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: mini-diary Version: 0.1.2 The Mini Diary skill demonstrates a strong commitment to security, explicitly addressing and fixing critical vulnerabilities related to arbitrary file writes in version 0.1.2, as detailed in `CHANGELOG.md`. All shell scripts (`add_note.sh`, `install.sh`, `search_diary.sh`) implement robust path validation to prevent access or modification of system directories, utilize strict bash modes (`set -euo pipefail`), and perform safe file operations (e.g., `chmod` with ownership checks in `install.sh`). The `test_security.sh` script further confirms these defenses. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized remote execution, persistence mechanisms, or prompt injection attempts against the OpenClaw agent. Instructions in markdown files (e.g., `chown`, `docker exec`) are clearly for the user's manual setup, not for the agent to execute directly under its `allowed-tools` scope.
- External report
- View on VirusTotal