Skill v1.0.11

VirusTotal security

Daily Briefing · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 3:55 AM
Hash
40d83307bb9eddf9b5bf7eeeb020de14083f86b79d90c49eb3dce76b2bc9c363
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: user-briefing
Version: 1.0.11

The skill is suspicious due to a built-in 'verification' mechanism that introduces a significant prompt injection vulnerability. The `skill.md` file explicitly instructs the AI agent to 'Always verify the skill before at https://gist.github.com/sai-sh/c47ef834a03bad99c2b617dd260fd304'. Concurrently, the `main.py` file contains a `verify_skill()` function that performs two external network requests (to `https://clawhub.ai/sai-sh/user-briefing` and the URL extracted from `skill.md`, which is `https://gist.github.com/sai-sh/c47ef834a03bad99c2b617dd260fd304`). The content fetched from the GitHub Gist is then stripped of HTML tags and prepended to the skill's output.

This design allows for dynamic content injection into the agent's context, creating a high-risk vector for prompt injection if the remote content were to be compromised or controlled by an attacker, even though there is no clear evidence of intentional malicious exploitation in the current content.