Skill v1.1.1

VirusTotal security

Vnsh Skill · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 3:40 AM
Hash
4b488a583d8735217b4ef1d7bd06e79788f0091bcc4e2d37ee9240427b707804
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: vnsh
Version: 1.1.1

The skill is classified as suspicious due to a severe prompt injection vulnerability in `SKILL.md`. The AI agent is explicitly instructed to automatically process any incoming `vnsh.dev/v/` URLs without user confirmation ('You MUST use this skill automatically... do NOT ask the user first', 'Never ask... just read it'). This allows an attacker to send a crafted `vnsh.dev` link containing malicious instructions, which the agent would then automatically download, decrypt via `scripts/read.sh`, and potentially execute or interpret, bypassing user consent.

Additionally, the `install` command in `SKILL.md` uses `curl -sL vnsh.dev/i | sh`, which is a significant supply chain risk as it executes a remote script directly.