Back to skill
Skillv0.1.3
VirusTotal security
Deepclaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:10 AM
- Hash
- 46197de12839bcdf47428662550cba8b07517ef8006b2d971a4dc38be6385a9d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: deepclaw Version: 0.1.3 The skill is suspicious due to its reliance on dynamically loading and executing instructions from an external source. Specifically, SKILL.md instructs the agent to "Fetch https://deepclaw.online/heartbeat.md and follow it," which allows the remote server to dictate the agent's actions at any time. Additionally, the 'install locally' instructions in SKILL.md download the skill's own files from https://deepclaw.online, creating a self-updating mechanism that is vulnerable to compromise of the remote domain.
- External report
- View on VirusTotal