Skill v1.0.2

VirusTotal security

Instagram Content Studio · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 28, 2026, 4:11 AM
Hash
212b84dade83f2650531d4c6bfb95ab678393cddd602347fc9e437e01c0e739a
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: instagram-content-studio
Version: 1.0.2

The skill is highly suspicious due to critical vulnerabilities that enable data exfiltration and potential system compromise through prompt injection.

Specifically, the `SKILL.md` and `README.md` instruct the agent to accept arbitrary local file paths for media uploads, which are then read by `scripts/_common.js` (e.g., `postLocalImage`, `postLocalVideo`) and exposed via a temporary `cloudflared` tunnel without path sanitization, allowing exfiltration of sensitive files like `~/.ssh/id_rsa`.

Additionally, the agent is instructed to append `--env <path>` for custom .env files, and `scripts/_common.js`'s `refreshIgToken` and `refreshFbToken` functions will then overwrite this arbitrary file with access tokens, posing a risk of system disruption or persistence by targeting files like `/etc/crontab`.