Back to skill
Skillv1.1.3
VirusTotal security
Augmented Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 5:12 AM
- Hash
- b8bfdc4aa6d3f45cd6fd072009788a99a8ac9e6d14a6ed070dae648de0151982
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: performing-searches Version: 1.1.3 The skill bundle is classified as suspicious primarily due to the inclusion of a `curl | sh` command in `reference/installation.md` for installing Ollama, which is an inherently high-risk method for executing remote code, even if for a legitimate prerequisite. Additionally, the skill defines tools like `read` that accept arbitrary `urls` and `search` that accepts `searchedKeywords` as input. While the skill itself does not instruct the agent to exploit these, such parameters present a significant vulnerability surface (e.g., SSRF, shell injection) if the underlying `augmented-search` service is not robustly secured against malicious input, which an AI agent could potentially be prompted to exploit.
- External report
- View on VirusTotal