Back to skill
Skillv1.0.0
VirusTotal security
Minimal Memory · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:00 AM
- Hash
- 5e0ed091926c2b8c4d9925dfd43faeff0c0916cd11bb655d9b87c7d3ceddb394
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: minimal-memory Version: 1.0.0 The skill bundle is classified as suspicious due to a critical shell injection vulnerability in `scripts/search.sh`. The user-provided `QUERY` argument is passed unquoted to the `grep` command, allowing for arbitrary command execution on the system where the agent is running. While the overall purpose of the skill (memory management) appears benign, this vulnerability allows an attacker to exploit the agent's execution environment.
- External report
- View on VirusTotal