Back to skill
Skillv0.1.0
VirusTotal security
IPFS Server · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:01 AM
- Hash
- 79027007877abec82509057f601d5f79d791ae22bdf2dd556e727be3d6ba8a5f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ipfs-server Version: 0.1.0 The skill is classified as suspicious due to the use of `sudo ./kubo/install.sh` for installation, which executes a remote script with elevated privileges (found in `SKILL.md`). While the source (`dist.ipfs.tech`) appears official and the action aligns with the stated purpose of installing IPFS, executing remote scripts with `sudo` is a significant supply chain risk and a high-privilege operation. Additionally, the skill instructs the agent to configure the IPFS gateway to bind to all interfaces (`/ip4/0.0.0.0/tcp/8080`), potentially exposing it publicly, although the skill does include explicit warnings about this security implication.
- External report
- View on VirusTotal