Back to skill
Skillv1.3.0
VirusTotal security
AgentOS Mesh · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 3:21 AM
- Hash
- 6e73f49be6fd1e2491113f8ba248ba2a37d2d1cd77f80784ee69b9b1fb650aa7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 2 The skill is classified as suspicious primarily due to the hardcoded default API URL `http://178.156.216.106:3100` in `scripts/mesh.sh`. While the skill's purpose is to facilitate agent communication via an API, and network access is expected, using a specific IP address as a default endpoint (even if configurable) is an unusual practice for a public skill and introduces a potential supply chain risk if that IP were to be compromised or controlled by a malicious entity. The skill otherwise performs actions consistent with its stated purpose, such as sending/receiving messages and managing a local message queue, without clear evidence of intentional harmful behavior like unauthorized data exfiltration or persistence mechanisms beyond its operational needs.
- External report
- View on VirusTotal