Skill v0.1.0

VirusTotal security

Signet Guardian · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Review
May 1, 2026, 3:54 AM
Hash
e2e6bd4bee527d631c0ae6c5a488fbb1d1bcc2a7734b60c1f57dbfe2898175b2
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: signet-guardian
Version: 0.1.0

The skill's primary function as a payment guard is benign, but the `signet-cli.ts` script contains a Remote Code Execution (RCE) vulnerability. The `signet-policy --edit` command executes `process.env.EDITOR` with `spawnSync` and `shell: false`. While `shell: false` prevents direct command injection, an attacker could set the `EDITOR` environment variable to a malicious command (e.g., `sh -c 'rm -rf /'`). If an AI agent is instructed to run `signet-policy --edit` while `EDITOR` is controlled by an attacker (e.g., via prompt injection), it could lead to arbitrary code execution. This is a significant vulnerability, but there is no evidence of intentional malicious exploitation within the skill's code or documentation.
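The pattern the scanner describes, as an added worked example: this is not code from the skill or from VirusTotal, and the function names, the editor allow-list and the policy file name are assumptions made here. `editorCommandUnchecked` mirrors the reported behaviour, where the raw `EDITOR` value becomes the program passed to `spawnSync`. Because `shell: false` does no word splitting, a value such as `sh -c 'rm -rf /'` is looked up as a single program name and fails with ENOENT; the value an attacker would actually use is the path of an executable they can write, or a bare name they can shadow on `PATH`. `selectEditor` shows one way to narrow that: refuse whitespace and shell metacharacters, accept only allow-listed editor names, and resolve the name to an existing file before spawning.

```typescript
import { spawnSync } from "node:child_process";
import { existsSync } from "node:fs";
import { basename, delimiter, isAbsolute, join } from "node:path";

type Env = Record<string, string | undefined>;

// Editors this hypothetical CLI is willing to launch (an assumption of this
// example, not a list taken from the skill).
export const ALLOWED_EDITORS: ReadonlySet<string> = new Set([
  "vi", "vim", "nvim", "nano", "emacs", "code",
]);

export interface EditorDecision {
  ok: boolean;
  command?: string; // resolved executable path when ok
  reason?: string;  // why the value was refused when !ok
}

// The reported pattern: the raw EDITOR value is used verbatim as the program.
// With shell:false there is no word splitting, so "sh -c 'rm -rf /'" names one
// non-existent program (spawnSync reports ENOENT), while "/tmp/evil.sh" or a
// shadowed "vim" on PATH runs with the CLI's privileges.
export function editorCommandUnchecked(env: Env): string {
  return env.EDITOR ?? "vi";
}

// Hardened selection. `exists` is injectable so the policy can be exercised
// without touching the real filesystem.
export function selectEditor(
  env: Env,
  pathDirs: string[] = (env.PATH ?? "").split(delimiter).filter(Boolean),
  exists: (p: string) => boolean = existsSync,
): EditorDecision {
  const raw = env.EDITOR ?? "vi";
  // Whitespace or shell metacharacters never belong in a program path.
  if (/[\s;&|$`'"\\<>(){}]/.test(raw)) {
    return { ok: false, reason: "EDITOR contains whitespace or shell metacharacters" };
  }
  const name = basename(raw);
  if (!ALLOWED_EDITORS.has(name)) {
    return { ok: false, reason: `editor '${name}' is not allow-listed` };
  }
  if (isAbsolute(raw)) {
    return exists(raw)
      ? { ok: true, command: raw }
      : { ok: false, reason: `EDITOR path '${raw}' does not exist` };
  }
  if (raw !== name) {
    return { ok: false, reason: "relative EDITOR paths are not allowed" };
  }
  for (const dir of pathDirs) {
    const candidate = join(dir, name);
    if (exists(candidate)) return { ok: true, command: candidate };
  }
  return { ok: false, reason: `editor '${name}' not found on PATH` };
}

// Hypothetical `--edit` handler: spawn only a value that passed selectEditor,
// keep shell:false, and pass the file as a separate argument.
export function openPolicyInEditor(policyFile: string, env: Env = process.env): number {
  const decision = selectEditor(env);
  if (!decision.ok) {
    throw new Error(`refusing to launch editor: ${decision.reason}`);
  }
  const result = spawnSync(decision.command!, [policyFile], {
    stdio: "inherit",
    shell: false,
  });
  if (result.error) throw result.error;
  return result.status ?? 1;
}
```

The allow-list only helps when the attacker controls `EDITOR` but not the rest of the environment: if `PATH` is also theirs, a shadowed `vim` still resolves, and a process whose whole environment is attacker-controlled cannot defend itself from inside. For an agent-driven CLI the stronger control is to not honour `EDITOR` at all on the `--edit` path and instead use a fixed, absolute editor path or an explicit `--editor` flag that the operator, not the environment, sets.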
External report
View on VirusTotal