Back to skill
Skillv1.0.4
VirusTotal security
rrragflow-skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 24, 2026, 6:11 AM
- Hash
- 51f2f1095d4c9b7d7acaf72d2c1ee41f6a456b6978db2049aff1559651d72a45
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: rrragflow-skill Version: 1.0.4 The skill bundle provides legitimate functionality for managing RAGFlow datasets and documents, but it is classified as suspicious due to the presence of high-risk capabilities that are explicitly mentioned in the analysis criteria. Specifically, the scripts `upload.py`, `update_dataset.py`, and `update_document.py` allow for arbitrary local file reading and uploading, including a feature to load JSON payloads from local paths using a '@' prefix. While these capabilities are plausibly needed for the stated purpose of document ingestion and configuration, they represent a significant attack surface for prompt injection, as an agent could be coerced into exfiltrating sensitive local files (e.g., JSON configuration files or credentials) to the user-provided `RAGFLOW_API_URL` endpoint.
- External report
- View on VirusTotal