Back to skill
Skillv1.0.1
VirusTotal security
med-critical-disease-review · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 24, 2026, 3:31 AM
- Hash
- 128b6803b79ee5c5242feffed5b86586e7d1f6caa432c997363e96aaab848ec7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: med-critical-disease-review Version: 1.0.1 The skill bundle facilitates medical insurance claim assessments by processing various document formats and calling a remote API (shangbao.yunzhisheng.cn). It exhibits high-risk behaviors, including the execution of external system binaries (LibreOffice, Tesseract, pdftotext) via subprocess to parse user-supplied files and outbound network requests containing sensitive medical data. While these capabilities are plausibly necessary for the stated purpose, there is a notable discrepancy where the implementation in scripts/run.py lacks the PII de-identification logic explicitly claimed in the SKILL.md documentation, posing a data privacy risk.
- External report
- View on VirusTotal