Back to skill
Skillv0.1.0
VirusTotal security
Writing Style Iterator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:43 AM
- Hash
- a1afb320a1ffa55a996ce009f1bc10d87d129367e454fc1ee1f7143256fa81c3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: writing-style-iterator Version: 0.1.0 The skill bundle is classified as suspicious due to multiple shell injection vulnerabilities present in the `SKILL.md` instructions. Commands like `cp`, `diff`, and `git commit` incorporate unsanitized placeholders such as `<用户文件的绝对路径>`, `<用户文件>`, `<文件名>`, and `<修改摘要>`. If the OpenClaw agent does not rigorously sanitize these inputs before execution, a malicious user could inject arbitrary shell commands, leading to Remote Code Execution (RCE). While there is no explicit evidence of intentional malicious behavior like data exfiltration or backdoor installation, the severe RCE risk stemming from these vulnerabilities warrants a 'suspicious' classification.
- External report
- View on VirusTotal