Back to skill
Skillv1.0.0
VirusTotal security
Browser History · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:46 AM
- Hash
- f6c43b8e797e4e52965a846829b7c18cd8f7ca9940f39bd8cbcf96ca5751b068
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: browser-history Version: 1.0.0 The skill accesses sensitive local data (Chrome browsing history) as its stated purpose. However, the `SKILL.md` file contains `sqlite3` commands with a `TERM` placeholder, which presents a significant SQL injection vulnerability. If the AI agent directly substitutes user input into `TERM` without proper sanitization, an attacker could manipulate or delete the local history database. While there is no evidence of data exfiltration or persistence, this critical vulnerability makes the skill suspicious.
- External report
- View on VirusTotal