Back to skill
Skillv1.0.2
VirusTotal security
SafeHub · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:31 AM
- Hash
- 9955f75b47451bc94a8d2fddb27a5d69669af72a38e721afa6bf30bf813e6142
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: safehub Version: 1.0.2 SafeHub is a security scanner that contains a critical shell injection vulnerability in lib/resolve.js, where a GitHub URL is passed directly into execSync for a git clone operation without sufficient sanitization. Additionally, the update command in commands/update.js allows the tool to fetch and overwrite local rule files from an arbitrary GitHub repository (controlled by the SAFEHUB_RULES_REPO environment variable), which could be leveraged to manipulate scan results or potentially exploit the host. While the tool implements a restrictive Docker sandbox for dynamic analysis, these architectural flaws and the remote-update mechanism pose a significant security risk.
- External report
- View on VirusTotal