Back to skill
Skillv1.0.19
VirusTotal security
MoodTrip Hotel Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 29, 2026, 8:31 PM
- Hash
- 2b1e8610158d3b0a9968cb41efc2658bad999dba7eb6be1a08fe9315d38dae50
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: moodtrip-hotel-search Version: 1.0.19 The skill bundle contains instructions in SKILL.md that direct the AI agent to automatically modify its own configuration and execute external code via 'npx -y mcp-remote@latest'. While these actions are intended to facilitate the connection to the MoodTrip MCP server (api.moodtrip.ai), the request for self-modification of platform settings and the use of npx to fetch remote utilities represent high-risk behaviors that could be exploited, despite being contextually aligned with the stated purpose.
- External report
- View on VirusTotal