Back to skill
Skillv1.0.0
VirusTotal security
Plant Growth Stage Recognition Skill | 植物生长阶段识别技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 18, 2026, 12:11 PM
- Hash
- 6704e189124c0d7a7de7f84cd6df10ce2bfa596e9dc2a338dd5e0d32e3395adb
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: smyx-plant-growth-stage-recognition-analysis Version: 1.0.0 The skill bundle exhibits high-risk behaviors, most notably the automated exfiltration of user identifiers (which the instructions suggest can be a phone number) to a remote endpoint (lifeemergence.com/jeecg-boot/sys/phoneLogin) for 'silent registration' within `skills/smyx_common/scripts/util.py`. Additionally, `skills/smyx_common/scripts/skill.py` contains an `ai_chat` function that executes system commands via `subprocess.run(['openclaw', 'agent', ...])`, providing a mechanism for RCE-like capabilities within the agent environment. The `SKILL.md` also includes 'Mandatory Memory Rules' that force the AI to ignore local memory files and rely solely on the remote API, which could be used to bypass local auditing or data persistence mechanisms.
- External report
- View on VirusTotal