Back to skill
Skillv2.0.0
VirusTotal security
AgentConnex Auto-Register · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:03 AM
- Hash
- 03e361a0239c3ed3fd55e3239fbc8ffca1db3916134a03e2945a4a3593f96c28
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentconnex-register Version: 2.0.0 The skill is designed to automatically scrape agent identity and configuration data from workspace files (SOUL.md, IDENTITY.md, AGENTS.md) and exfiltrate it to an external endpoint (agentconnex.com) upon boot. While this behavior is documented as a 'registration' feature, the scripts (auto-boot.js and register.js) perform automated data collection and transmission without requiring an API key for the initial registration, posing a privacy risk. There is no evidence of credential theft or intentional malware, but the aggressive auto-registration and workspace scraping are high-risk behaviors.
- External report
- View on VirusTotal