Skill v1.0.0
VirusTotal security
Skill Publisher · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Review: May 1, 2026, 4:24 AM
- Hash: 9994f18e509febe949456a8fe92a8a8430208bd620bb44a1c2eabb93371155a8
- Source: palm
- Verdict: suspicious
- Code Insight
  - Type: OpenClaw Skill
  - Name: skillpub
  - Version: 1.0.0
  - The skill bundle's primary purpose is to create, validate, security-scan, and publish other skills, which is a legitimate function. However, the `scripts/publish.sh` file contains a critical shell injection vulnerability. It constructs a `clawhub publish` command using `eval`, incorporating the `SKILL_NAME` extracted from `SKILL.md`. If an attacker can control the `name` field in a `SKILL.md` file being published, they can inject arbitrary shell commands (e.g., `name: my-skill $(malicious_command)`) that will be executed by `eval` on the system running `publish.sh`. This RCE vulnerability is not detected by the `scripts/security-scan.sh` script, as `publish.sh` is explicitly excluded from its `eval` pattern checks, which is a significant oversight in the security scanner itself.
- External report: View on VirusTotal
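The `eval` injection described in the Code Insight verdict, as an added example that is not part of the skillpub bundle or of this report: the vulnerable publish step beside a hardened one that validates the skill name and passes it as a single argument, plus an `eval` check that does not exempt `publish.sh`. The `clawhub publish --name NAME` argument layout, the `[a-z0-9-]` name policy, the `clawhub` stand-in function and the sample `SKILL.md` contents are assumptions; only the `clawhub publish` prefix appears in the report.

```shell
#!/usr/bin/env sh
# Added example, not the skillpub project's own code. Shows the eval-based
# publish pattern from the report, a hardened replacement, and a scanner
# check that covers publish.sh. The `--name` flag is an assumed layout.

# Stand-in for the real clawhub CLI so this runs offline: it prints argv
# one element per line instead of publishing anything.
clawhub() { printf '%s\n' "$@"; }

# Pull the `name:` field out of a SKILL.md front matter (first match wins).
extract_skill_name() {
  sed -n 's/^name:[[:space:]]*//p' "$1" | head -n 1
}

# VULNERABLE (mirrors the pattern described in the report): the name is
# spliced into a string that eval re-parses, so `my-skill $(cmd)` runs cmd.
vulnerable_publish() {
  local name
  name=$(extract_skill_name "$1")
  eval "clawhub publish --name $name"
}

# Allowlist for skill names (assumed policy): 1-64 chars of [a-z0-9-].
valid_skill_name() {
  case "$1" in
    ''|*[!a-z0-9-]*) return 1 ;;
  esac
  [ "${#1}" -le 64 ]
}

# HARDENED: validate first, then pass the name as one argv word. With no
# eval and no string re-parsing, shell metacharacters in the name are inert.
hardened_publish() {
  local name
  name=$(extract_skill_name "$1")
  if ! valid_skill_name "$name"; then
    printf 'refusing to publish: invalid skill name: %s\n' "$name" >&2
    return 2
  fi
  clawhub publish --name "$name"
}

# Scanner check with no exclusions: list every *.sh under DIR that uses the
# word eval (word-bounded, so `evaluate` does not match). One path per line.
find_eval_usage() {
  find "$1" -name '*.sh' \
    -exec grep -lE '(^|[^[:alnum:]_])eval([^[:alnum:]_]|$)' {} + | sort
}

# Constructed sample tree: one malicious SKILL.md, one benign SKILL.md, and a
# scripts/ directory where publish.sh carries the eval pattern.
demo() {
  tmp=$(mktemp -d)
  mkdir -p "$tmp/evil" "$tmp/good" "$tmp/scripts"
  printf 'name: my-skill $(touch %s/pwned)\nversion: 1.0.0\n' "$tmp" > "$tmp/evil/SKILL.md"
  printf 'name: my-skill\nversion: 1.0.0\n' > "$tmp/good/SKILL.md"
  printf 'eval "clawhub publish --name $SKILL_NAME"\n' > "$tmp/scripts/publish.sh"
  printf 'grep -r evaluate "$1"\n' > "$tmp/scripts/security-scan.sh"

  vulnerable_publish "$tmp/evil/SKILL.md" >/dev/null
  [ -f "$tmp/pwned" ] && echo "vulnerable_publish: injected touch ran"
  rm -f "$tmp/pwned"

  hardened_publish "$tmp/evil/SKILL.md" >/dev/null 2>&1 || echo "hardened_publish: rejected (status $?)"
  [ -f "$tmp/pwned" ] || echo "hardened_publish: no injected command ran"
  echo "hardened_publish on benign name, argv passed to clawhub:"
  hardened_publish "$tmp/good/SKILL.md"

  echo "scripts using eval:"
  find_eval_usage "$tmp/scripts"
  rm -rf "$tmp"
}
demo
```

Validation happens before the command is built, so a rejected name never reaches the CLI at all; passing `"$name"` as its own argument is what removes the re-parse that `eval` introduced. The scanner function deliberately takes no exclusion list, since the report's point is that exempting `publish.sh` is what hid the finding.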
