Back to skill
Skillv1.1.0
VirusTotal security
Clean Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:02 AM
- Hash
- 9cc76aad5cff46c1a2ff91f331bfd4f604e714833e54b68d5de1c8ac7026947f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clean-skill Version: 1.1.0 The skill is classified as suspicious due to its reliance on advanced web scraping techniques using Playwright with persistent browser sessions (`scripts/fetch_dianping_real.py`, `scripts/fetch_xiaohongshu_real.py`, `scripts/session_manager.py`). While the skill's stated purpose is benign (cross-referencing restaurant reviews), the use of persistent login sessions and browser automation, coupled with explicit acknowledgement of bypassing anti-scraping measures and potential Terms of Service violations (`references/api_limitations.md`), introduces significant risks. These capabilities, if exploited via prompt injection against the AI agent or system compromise, could be misused for unauthorized browser actions or data access beyond the skill's intended scope, even though the skill itself does not exhibit intentional malicious behavior like data exfiltration or arbitrary command execution.
- External report
- View on VirusTotal