Back to skill
Skillv1.0.0
VirusTotal security
AI Game Asset Generation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:04 AM
- Hash
- 465de58d06c03c40375f88efe78afd441f6b3d0d5c7c6b4dddb867e5fe9151f2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ai-asset-gen Version: 1.0.0 The skill bundle provides a comprehensive guide for AI-powered game asset generation, including prompt templates and post-processing scripts. It contains bash and Python code snippets in `SKILL.md` for image manipulation (e.g., `rembg`, `ImageMagick`, Pillow, NumPy) and C# for Godot integration. While the content of these scripts is functionally benign and aligned with the stated purpose of asset post-processing, their presence introduces a potential Remote Code Execution (RCE) vulnerability if the OpenClaw agent's execution environment is not securely sandboxed, as they involve file system operations and execution of external binaries. There is no evidence of intentional malicious behavior like data exfiltration, backdoors, or harmful prompt injection.
- External report
- View on VirusTotal