Back to skill
Skillv1.0.1
VirusTotal security
Angel of Indian Krump · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:47 AM
- Hash
- 6892ba0c55e63c022d325167b82d16ab371840b6b30a3103649473a98d1a8ec5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: asura Version: 1.0.1 The skill bundle is primarily documentation for an AI agent persona. While there are no explicit prompt injection attempts or malicious commands in the `SKILL.md` or other `KRUMP_HISTORY_PART*.md` files, `KRUMP_HISTORY_PART6.md` contains a direct download link to a `.zip` file hosted on Dropbox (`https://www.dropbox.com/s/8w4jvxsgcz608wa/drumkit%20samples.zip`). This external download, if processed by an AI agent with file system access and execution capabilities, presents a significant vulnerability for arbitrary file download and potential code execution, even if the stated purpose is benign (drumkit samples).
- External report
- View on VirusTotal