Back to skill
Skillv1.0.9
VirusTotal security
Clawtrial Courtroom · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:01 AM
- Hash
- a099d04ec788421e095e35afdddd039d8c9f20cbe9decea83f67c4a05b9766f6
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawtrial Version: 1.0.9 The OpenClaw AgentSkills skill bundle is classified as suspicious due to several high-risk capabilities and discrepancies in its security posture, despite its stated purpose of autonomous agent behavioral oversight. The skill extensively uses prompt injection against the AI agent (e.g., in `scripts/check-and-trigger.js`, `scripts/optimized-cron-check.js`, `src/detector.js`, `AGENT_CONFIG.md`) to force autonomous execution of tasks, including reading/writing local files and bypassing user confirmation. It performs significant system modifications during installation (`scripts/clawtrial.js`, `scripts/postinstall.js`), such as creating symlinks, modifying bot configuration files, and adding cron jobs via `execSync('crontab -l ...')`. While the skill claims to store cryptographic keys in agent memory (`SECURITY.md`), the `secretKey` is actually stored on the filesystem in `courtroom_keys.json` (`scripts/clawtrial.js`, `src/crypto.js`), which is a critical security misrepresentation. Additionally, the `src/skill.js` includes an 'auto-consent' mechanism if no config is found, potentially bypassing explicit user consent. The skill also exfiltrates anonymized and cryptographically signed case summaries to `https://api.clawtrial.app/cases` (`src/api.js`), which, while stated as part of its 'public record' feature, represents an external network call with sensitive (though anonymized) behavioral data. These combined factors, particularly the misleading key storage documentation and the broad system/agent modification capabilities, elevate the classification to suspicious, indicating potential vulnerabilities and risky practices without clear evidence of intentional malice.
- External report
- View on VirusTotal