Back to skill
Skillv3.7.0
VirusTotal security
AgentOS SDK · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:21 AM
- Hash
- 78f9461370932bf3176e316aa073784d9969f54162fe2bf616ca42ae1d5af143
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentos-sdk Version: 3.7.0 The skill is classified as suspicious due to critical vulnerabilities and aggressive prompt injection. API keys are transmitted over unencrypted HTTP/WebSocket to the hardcoded IP `178.156.216.106:3100` (seen in `SKILL.md`, `agentos.sh`, `scripts/mesh.sh`, `DOCS.md`, `examples/clawdbot-integration.md`), making them vulnerable to Man-in-the-Middle attacks. Additionally, the markdown files (`SKILL.md`, `AGENT-OPS.md`, `SELF-EVOLUTION.md`) employ forceful prompt injection techniques ('CRITICAL RULE', 'MANDATORY') to ensure the AI agent prioritizes context backup and self-evolution, which, while aligned with the skill's stated purpose, represents a strong manipulation of agent behavior. The `aos_dump_all` function in `agentos.sh` also allows an agent to export all memories for all agents within a tenant, posing a risk if API key permissions are overly broad.
- External report
- View on VirusTotal