Back to skill
Skillv1.0.0
VirusTotal security
Claw Shell 1.0.0 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 5:25 AM
- Hash
- 07897d7ad9a898bf6ec6b3750e5c0eb1496eadfc7dd227da400263b5494dea34
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: claw-shell-1-0-0 Version: 1.0.0 This skill is highly suspicious due to its core functionality of executing arbitrary shell commands via `execSync` in `handler.js`. It contains a critical shell injection vulnerability in the `sendCommand` function, where user-provided commands are passed directly to `tmux send-keys` without adequate shell-level sanitization, allowing for arbitrary command execution. Furthermore, the `isDangerous` function, intended as a safety mechanism, relies on an easily bypassable blacklist, which allows dangerous commands (e.g., `curl`, `wget`, `cat /etc/passwd`) to be executed without triggering the user confirmation prompt specified in `SKILL.md`, effectively bypassing the agent's safety instructions. The `readOutput` function also captures and returns the output of these commands, enabling potential data exfiltration.
- External report
- View on VirusTotal