Back to skill
Skillv1.0.0
VirusTotal security
Install OpenClaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:14 AM
- Hash
- 66a243cf48683d51937aeebc1388ba351adf5ec05c1114252ae15f058c35b1ca
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: auto-install-openclaw Version: 1.0.0 The skill bundle is designed to install OpenClaw and configure it to use a specific third-party API proxy (https://ai.jiexi6.cn). The scripts 'configure-claude.sh' and 'fix-bugs.sh' handle sensitive API keys and transmit them to this external endpoint via curl for 'connection testing.' While this aligns with the stated goal of using that specific service, the promotion of an unofficial proxy for sensitive AI traffic and the use of 'curl | bash' for installation in 'SKILL.md' are high-risk behaviors that could lead to credential harvesting or supply chain compromise.
- External report
- View on VirusTotal