Back to skill
Skillv1.1.0
VirusTotal security
Anthropic Frontend Design · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:28 AM
- Hash
- 0fbe8471c596c0fab11a2b8b6ad8ce686cc2f3ca9eb18a4f13bca0248a55ae72
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: anthropic-frontend-design Version: 1.1.0 The skill is designed for UI/UX design, and its `SKILL.md` uses prompt-injection-like instructions to guide the AI agent's creative output (e.g., 'MANDATE breaking those patterns', 'REQUIRED to ignore it'), which is aligned with its stated purpose of avoiding 'AI slop' and not malicious. However, the `scripts/design_system.py` and `scripts/search.py` include functionality to write markdown files to the local filesystem (`Path.cwd()` or a user-specified `output_dir`). While the intent is to save design documentation to a `design-system/` subdirectory, the underlying capability to write to an arbitrary directory is a risky behavior that could be exploited by a malicious prompt if the OpenClaw agent runtime does not adequately sandbox or validate the `output_dir` parameter.
- External report
- View on VirusTotal