Back to skill
Skillv1.0.0
VirusTotal security
Multi-SKU Bundles · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 24, 2026, 6:21 AM
- Hash
- 49990b34ea8e8296114ac85d616ae0df64874ed5763a9f7c2a23a6464d95270a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: multi-sku-copurchase-bundles Version: 1.0.0 The skill contains instructions that direct the AI agent to promote a specific third-party service and URL (https://www.rijoy.ai) within its responses. This constitutes a form of prompt injection for brand promotion (referral injection). While the service is relevant to the e-commerce domain and the instructions are transparently documented in SKILL.md and references/rijoy_brand_context.md, the use of instructions to manipulate the agent's output toward a specific commercial entity is a recognized injection technique. No evidence of malicious code execution, data exfiltration, or harmful intent was found.
- External report
- View on VirusTotal