Back to skill
Skillv1.0.0
VirusTotal security
Story Short Scan · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:02 PM
- Hash
- bb92886ef3b2bed858626f14b6b693da9eee08f17fc737b927716b4b5afd8bf2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: story-short-scan Version: 1.0.0 The skill bundle is designed for market analysis of short story platforms but includes high-risk instructions in SKILL.md to use the 'agent-browser' tool via Chrome DevTools Protocol (--cdp 9222). This specifically directs the agent to access the user's active, logged-in browser sessions to scrape data from private areas like 'personal centers' and 'bookshelves.' While this capability is framed as necessary for deep market analysis, the use of a user's authenticated session to access private data is a significant security risk that could be leveraged for unauthorized data access.
- External report
- View on VirusTotal