Back to skill
Skillv0.1.0
VirusTotal security
claude-code (Deprecated alias) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:58 AM
- Hash
- 5b92d3e7d059f8d3ddcd0e83977bbdd455d6e146c3161f7c27289005253737cf
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: claude-code-legacy Version: 0.1.0 The skill bundle is highly suspicious due to multiple critical vulnerabilities that could lead to arbitrary code execution and data exfiltration. The `scripts/start-tmux-task.sh` script directly embeds user-controlled arguments (`--task`, `--lint-cmd`, `--build-cmd`) into the prompt given to the Claude AI, creating a severe prompt injection vulnerability against Claude. Additionally, `scripts/complete-tmux-task.sh` directly executes the `--lint-cmd` and `--build-cmd` arguments without sanitization, posing a shell injection risk. Several scripts (`list-tasks.sh`, `monitor-tmux-task.sh`, `status-tmux-task.sh`, `start-tmux-task.sh`) construct SSH commands using an unsanitized `$SSH_HOST` variable, leading to potential SSH command injection. The use of `claude --dangerously-skip-permissions` further escalates the impact of these vulnerabilities. While no explicit malicious intent (e.g., hardcoded exfiltration to an attacker's domain) is present, these flaws allow an attacker controlling input to achieve malicious objectives.
- External report
- View on VirusTotal