Back to skill
Skillv1.0.2
VirusTotal security
An AI skill for OpenClaw that generates professional diagrams from natural language descriptions using EdrawMax AI APIs. · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:10 AM
- Hash
- f7dd3f0538614404ab8380432995ee1baee5118701090dd4668aad63ba01a35a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: build-diagram Version: 1.0.2 The skill bundle provides diagram generation via the EdrawMax AI API but includes a downloader script (scripts/download_diagram.py) that explicitly disables SSL certificate verification (ssl.CERT_NONE). This is a significant security vulnerability that exposes the agent's environment to Man-in-the-Middle (MitM) attacks when fetching files from api.edrawmax.cn. While the functionality aligns with the stated purpose, the insecure network handling and automated execution of local file writes warrant a suspicious classification.
- External report
- View on VirusTotal