Back to skill
Skillv1.3.0
VirusTotal security
Wake Up · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 6:24 AM
- Hash
- c4ba87aa1cb7af3db4d380be159204dac1e39f242f6ec17a1022affbc8cee4f9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wake-meup-ai Version: 1.3.0 The skill facilitates AI wake-up calls and uses the x402 protocol for Solana USDC payments, which requires the agent to access and use a Solana private key (SOLANA_KEYPAIR_PATH). This is a high-risk capability that could lead to asset loss if the agent is compromised or the key is mismanaged. Additionally, SKILL.md instructs the agent to fetch dynamic instructions from a remote URL (https://wake.meup.ai/ with Accept: text/markdown), which introduces a significant risk of indirect prompt injection where the service provider could alter the agent's behavior at runtime. While the logic in scripts/wake-cli.py appears aligned with the stated purpose, these architectural choices represent meaningful security risks.
- External report
- View on VirusTotal