Back to skill
Skillv1.0.5
VirusTotal security
LINE Rich Messages · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:17 AM
- Hash
- ace323bb2e8581eb0d52cb732fc78f413d3359cbc2cd1c1450a5515120345e92
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: line-rich-messages Version: 1.0.5 The skill bundle contains conflicting documentation regarding file delivery. While `SKILL.md` explicitly states that file delivery is 'intentionally not included (removed for safety)' for security reasons and warns against direct API calls, `README.md` mentions an 'Integrated workflow for delivering files via Google Drive buttons' and `references/decision-matrix.md` recommends 'Delivering a document/file' via 'Google Drive link'. This discrepancy, coupled with the mention of a missing `references/file-delivery.md` file, creates a potential vulnerability for misinterpretation by a human developer or a less constrained AI agent, despite the primary agent instructions in `SKILL.md` being security-conscious.
- External report
- View on VirusTotal