Back to skill
Skillv1.0.0
VirusTotal security
Task Automator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:24 AM
- Hash
- 10d724c10a8899399be1b3bae3b3f82f7892ff32871949c235b632b64dc4c28b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: yinan-task-automator Version: 1.0.0 The skill bundle provides a framework for task automation, including file management and data processing. The `scripts/run_task.py` script contains a path traversal vulnerability in the `task_file_organizer` function, as it joins user-controlled folder names from the configuration file with the destination path without sanitization. Additionally, the script includes placeholders for high-risk capabilities such as API synchronization and web monitoring, which are consistent with the stated purpose but fall under the 'suspicious' classification due to their inherent risk and the lack of input validation.
- External report
- View on VirusTotal