Skill v1.0.1
VirusTotal security
ticktick-official-cli · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious (Apr 30, 2026, 4:49 AM)
- Hash: 1e11d4e0fd543ddc2bf30170fca0fd5bb596ed056cec2926aa76f59b0723fa04
- Source: palm
- Verdict: suspicious
- Code Insight: Type: OpenClaw Skill. Name: ticktick-official-cli. Version: 1.0.1. The skill is generally benign, providing legitimate integration with the Dida365 API. However, a significant prompt injection vulnerability exists in `scripts/ticktick_cli.py`. The `--item-json @path` option in the `task create` and `task update` commands allows reading arbitrary local files (e.g., `@/etc/passwd`, `@~/.ssh/id_rsa`). A maliciously prompted AI agent could be instructed to read sensitive files and exfiltrate their content by including it in a task's checklist items, which are then sent to the Dida365 API. This constitutes a local file inclusion leading to data exfiltration via prompt injection.
- External report: View on VirusTotal
