Back to skill
Skillv1.0.0
VirusTotal security
Turn Any Book into a Working Agent 一键把书变成员工 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 5:36 AM
- Hash
- c82f08b41799bd7f83ea944dcbc5ed12dc4a6798bd29352f9a085180314ede68
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: turn-any-book-into-a-working-agent Version: 1.0.0 The skill bundle automates the creation of new AI agents by extracting content from uploaded books (PDF, EPUB, TXT) and generating new skill definitions. It is classified as suspicious because it contains shell injection vulnerabilities in the implementation steps within SKILL.md (e.g., the Python one-liner for PDF extraction using unquoted filename placeholders) and performs high-risk operations by programmatically creating and installing new skills into the system's library. While the logic appears intended for a legitimate utility, the lack of input sanitization and the 'meta-skill' capability of generating executable instructions from untrusted document content pose a significant security risk.
- External report
- View on VirusTotal