Back to skill
Skillv0.1.0
VirusTotal security
General Writing · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:01 AM
- Hash
- 76048e26e53e4cd576fefb51224cf5e7b010bf5e314bfce0b1f6055455eaeca4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: general-writing Version: 0.1.0 The SKILL.md file contains instructions that introduce prompt injection vulnerabilities. Specifically, the agent is instructed to format citations as clickable numbered footnotes in the format `[Number](URL)` and to output 'JSON object containing a list of research sources'. These instructions create a mechanism for potential data exfiltration, as a malicious user prompt could trick the agent into treating sensitive local information as a 'source' and embedding it into a URL or JSON structure in its output. While the skill itself does not initiate malicious actions, it provides a channel that could be exploited for data leakage.
- External report
- View on VirusTotal