Back to skill
Skillv2.0.0
VirusTotal security
Influencer Report · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:34 AM
- Hash
- 097096d8bc384bfe1ebfceb5e7192bafdd6fa3ef65a77e86e422bbaae94eef2d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: influencer-report Version: 2.0.0 The skill is classified as suspicious due to a potential markdown injection vulnerability in the generated report. The `scripts/generate_report.py` script constructs markdown output using strings derived from API responses (e.g., video titles, transcripts, notes) and direct user input (e.g., `--handle`). If these strings contain malicious markdown or HTML, a vulnerable markdown renderer (such as the one used by the OpenClaw agent or a web interface displaying the report) could be exploited for content injection or cross-site scripting (XSS). While there is no evidence of intentional malicious behavior, this lack of output sanitization constitutes a vulnerability.
- External report
- View on VirusTotal