Back to skill
Skillv1.0.0
VirusTotal security
Clawd Cursor 0.6.0 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:55 AM
- Hash
- e5fa696363e1202bc765ff9bc3b5d903bc9926a896ece4c42a16665fd7a2fb03
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawd-cursor-0-6-0 Version: 1.0.0 The skill instructs the AI agent to start its own server process silently (`Start-Process ... -WindowStyle Hidden`) and without user confirmation ('don't ask the user') if it's not running, as seen in SKILL.md. While intended for self-initialization, this capability represents a significant prompt injection vulnerability, as an attacker could potentially craft a prompt to the agent to execute arbitrary hidden commands. Despite this, the skill includes strong instructions for the agent to ask for user confirmation for sensitive actions (e.g., email, banking, deleting) and explicitly states network isolation to `127.0.0.1` with no data exfiltration to skill authors.
- External report
- View on VirusTotal