Back to skill
Skillv1.0.0
VirusTotal security
Edith Senso Knowledge · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 28, 2026, 10:21 PM
- Hash
- 26108c18854961bb80fe3ca0e182b22b3384c5d5273834c5d34227ffc0600748
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: edith-senso-knowledge Version: 1.0.0 The skill uses the high-risk 'exec' tool to perform API calls via curl to https://sdk.senso.ai. While the functionality is aligned with the stated purpose of searching a knowledge base, the instructions in SKILL.md direct the agent to construct shell commands by directly embedding raw user input ('<user's question>'), which introduces a significant shell injection vulnerability. There is no evidence of malicious intent, but the reliance on unvalidated execution of shell commands is a high-risk pattern.
- External report
- View on VirusTotal