Back to skill
Skillv1.1.10
VirusTotal security
Black Fortress · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 18, 2026, 11:06 AM
- Hash
- 134e88b721f5013f826335e40f31d5f41bab4071911daa8e664411e31386ccd2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: black-fortress Version: 1.1.10 The bundle implements a complex security sandboxing framework ('Black-Fortress') designed to isolate and interrogate untrusted code. It utilizes high-risk capabilities including Docker/Firecracker orchestration (microvm_orchestrator.py), AST-based code obfuscation (deterministic_obfuscator.py), and subprocess execution. While the implementation demonstrates strong defensive intent—such as thorough environment variable scrubbing to prevent secret leakage (black_fortress.py) and kernel-level network blocking via seccomp (seccomp-profile.json)—the requirement for Docker access and optional root privileges for Firecracker mode constitutes a significant attack surface. No evidence of intentional malice, data exfiltration, or backdoors was found; however, the tool's inherent high-risk behaviors and broad system access align with the 'suspicious' classification under the provided guidelines.
- External report
- View on VirusTotal