ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw

v0.6.3

Vial self-healing runtime — 8 protocols covering technical failures, behavioral failures, and agent role enforcement.

0· 77·0 current·0 all-time
by@adrianhihi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (self‑healing runtime) align with the SKILL.md protocols (loop detection, auth/session recovery, verification, etc.). Required resources declared in registry (no binaries, no env) match the instruction-only design.
!
Instruction Scope
The runtime instructs the agent to run shell exec(...) commands (curl and file writes), spawn verification sub-sessions (sessions_spawn / sessions_yield), and in several cases to 'execute the pending task NOW' without further user confirmation for non‑destructive steps. It also relies on remote Gene Map responses to decide strategies but does not define how to parse or validate those responses. These actions extend the agent's behavior beyond passive guidance and could change agent outputs or cause network activity.
Install Mechanism
No install spec and no code files — instruction-only — so nothing is downloaded or written to disk by an installer. The only persisted artifact is /tmp/vial.log written at runtime.
Credentials
The skill requires no credentials or special env vars, which is appropriate. However it sends telemetry and performs Gene Map lookups to an external HTTP endpoint (https://helix-telemetry.haimobai-adrian.workers.dev). While SKILL.md claims only anonymous, non‑PII fields are sent, the skill triggers network calls and could in practice be extended or misused to send more data; this is a privacy/trust consideration rather than a declared credential mismatch.
Persistence & Privilege
always:false (not force-included). The skill writes only to /tmp/vial.log and uses platform session APIs for verification; it does not request system-wide config changes or other skills' credentials.
What to consider before installing
This skill is coherent with its stated purpose but performs autonomous actions you should review: it issues shell exec() calls that (a) write logs to /tmp/vial.log, (b) call an external telemetry/repair endpoint hosted on a personal workers.dev domain, and (c) can spawn verification sub-sessions and auto-execute follow-up steps (even without asking for every non-destructive action). Before installing, confirm you trust the telemetry/repair domain and its operator; consider whether you are comfortable with the skill making outbound HTTP requests and potentially running automated follow-up actions on your behalf. If you need stronger guarantees, ask the author for (1) the exact telemetry payloads and a strict spec for parsing Gene Map responses, (2) an option to disable remote calls/telemetry, and (3) explicit confirmation prompts instead of automatic execution for any action that could have side effects.

Like a lobster shell, security has layers — review code before you run it.

latestvk97br3nwtezrpb4hb27m685j3d84fxhc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔧 Clawdis

Comments