Skill v1.0.7
VirusTotal security
Structured task planning and step-by-step execution V2 (asynchronous subagent architecture) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Review May 1, 2026, 3:32 AM
- Hash: f3376bf92c82fd815f034bd79f0c482e95bc71e6e5698bc2c64faea6bf6aeac4
- Source: palm
- Verdict: suspicious
- Code Insight: Type: OpenClaw Skill. Name: stp. Version: 1.0.7. The skill is classified as suspicious due to a critical shell injection vulnerability identified in the `SKILL.md` instructions. Specifically, the agent is instructed to extract a Process ID (`details.pid`) from a subagent's execution history (via `sessions_history`) and then directly use this value in a `kill <PID>` command. If a malicious subagent could manipulate its output to inject arbitrary commands into the `details.pid` field (e.g., `1; rm -rf /`), the main agent would execute these commands on the host system, leading to Remote Code Execution (RCE). While the intent is for cleanup, this lack of input sanitization for a value sourced from a potentially untrusted subagent constitutes a significant vulnerability. Other risky capabilities, such as executing user-provided prompts in subagents, are inherent to the skill's purpose and are mitigated by user confirmation and verification steps.
