Back to skill
Skillv1.0.0
VirusTotal security
usewhisper-autohook · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:57 AM
- Hash
- 5dc0cae07265a0f181b1743e19d1e7962511efa78d4be1d0256b3e41ca2d476d
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: usewhisper-autohook Version: 1.0.0 The OpenClaw skill 'usewhisper-autohook' is designed for memory management by integrating with the Whisper Context API. It makes outbound HTTPS requests to `context.usewhisper.dev` and user-configured upstream LLM APIs (OpenAI/Anthropic), using API keys provided via environment variables. It persists a `context_hash` locally in `~/.openclaw/.cache/usewhisper-autohook/state.json` for delta compression, which is a benign caching mechanism. The proxy modes (`serve_openai_proxy`, `serve_anthropic_proxy`) start local HTTP servers to intercept and modify LLM API calls, injecting memory context. All observed behaviors, including network calls, local file writes, and environment variable access, are directly aligned with the stated purpose of providing automatic memory for AI agents. There is no evidence of intentional malicious activity such as unauthorized data exfiltration, arbitrary code execution, persistence mechanisms beyond caching, or deceptive prompt injection attempts in `SKILL.md`.
- External report
- View on VirusTotal