Back to skill
Skillv0.2.0
VirusTotal security
Podwise · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 4, 2026, 6:41 AM
- Hash
- 268a38d651580b13b35d1d6d5dcc6a474797ffa094832f6095ec55501026ac6d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: podwise Version: 0.2.0 The skill bundle facilitates interaction with the Podwise podcast service but contains high-risk patterns and potential vulnerabilities. Multiple workflows, such as 'episode-notes.md' and 'topic-research.md', instruct the AI agent to construct and execute shell commands using potentially unsanitized user-provided strings (e.g., episode titles, search keywords, and file paths), creating a significant risk for shell injection. Furthermore, 'references/installation.md' encourages a high-risk 'curl | sh' installation method (pointing to raw.githubusercontent.com/hardhackerlabs/podwise-cli/main/install.sh). While these capabilities are plausibly intended for the stated purpose, the lack of input sanitization instructions and the use of risky installation scripts warrant a suspicious classification.
- External report
- View on VirusTotal