Back to skill
Skillv1.0.0
VirusTotal security
Web Application Penetration Testing Methodology · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 12:46 PM
- Hash
- ad247db760c5f8e104d3f03f7395109369d4b5cb432a8376b4f941ecda1e7046
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: bookforge-web-application-penetration-testing-methodology Version: 1.0.0 The skill bundle 'bookforge-web-application-penetration-testing-methodology' provides a comprehensive framework for orchestrating web application security assessments. It is classified as suspicious because SKILL.md contains explicit instructions and payloads for high-risk activities, including SQL injection, OS command injection (e.g., using ping for time-based detection), and path traversal. While these capabilities are aligned with the stated purpose of authorized penetration testing and the skill includes ethical warnings, the presence of these attack vectors and the requirement for powerful tools like Bash and WebFetch constitute risky behaviors without clear evidence of malicious intent against the user or the agent's environment.
- External report
- View on VirusTotal