Back to skill
Skillv1.0.0
VirusTotal security
Pub Clawdhub · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:58 AM
- Hash
- 40303858f00f8117437e64c15174455762c68a1420d7d6b019cd22b46baea273
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawdhubs Version: 1.0.0 The skill bundle advertises an API aggregator (SkillBoss/ClawdHub) that claims access to non-existent or future models, such as 'openai/gpt-5', 'bedrock/claude-4-6-opus', and 'vertex/gemini-3', which is a significant indicator of deception or a scam. While the bundle primarily uses standard curl commands to interact with 'api.heybossai.com', it includes high-risk capabilities like sending SMS and emails. Furthermore, the documentation references an external script 'run.mjs' that is not included in the bundle, and the overall presentation of 'future' models suggests the service may be a front for credential harvesting or deceptive practices.
- External report
- View on VirusTotal