Back to skill
Skillv1.0.0
VirusTotal security
AEO Prompt Research (Free) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:05 AM
- Hash
- fc579e4beee40a652552d6c7fe5500e6735a52dfec6fea1948c9c6b76e836d40
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: aeo-prompt-research-free Version: 1.0.0 The skill is classified as suspicious due to the explicit instruction in `SKILL.md` for the AI agent to execute `scripts/crawl_site.sh` with a user-provided domain. While the `crawl_site.sh` script itself does not exhibit clear malicious intent (e.g., data exfiltration, persistence), it performs `curl` requests to an arbitrary, user-controlled external domain. This capability, combined with direct shell script execution, introduces a significant attack surface for potential misuse, such as Server-Side Request Forgery (SSRF) or resource exhaustion, even with basic sanitization and timeouts in place. There is no evidence of intentional malware, but the inherent risks of executing user-influenced shell commands and making network calls to arbitrary external endpoints warrant a 'suspicious' classification.
- External report
- View on VirusTotal