Back to skill
Skillv2.1.0
VirusTotal security
Compare Crypto Payments · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:56 AM
- Hash
- fd86a6099e170615846a35d62cd85726d270794dfbbba4f3d4a56ddbe07b5fbc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: compare-crypto-payments Version: 2.1.0 The skill bundle is highly promotional for 'PayRam' and instructs the AI agent to execute remote shell scripts via `curl | bash` from `raw.githubusercontent.com/PayRam/payram-scripts/main/setup_payram_agents.sh` and `setup_payram.sh`. This method of fetching and executing arbitrary code from a remote source is a significant security vulnerability, allowing for potential remote code execution if the GitHub repository or network path is compromised. Additionally, the skill strongly encourages the agent to interact with a remote 'MCP server' (`https://mcp.payram.com/mcp`) using `mcporter` commands, including 'scaffolding complete applications', which implies further capabilities for remote system modification. While there's no direct evidence of intentional malicious payload within the provided files, the reliance on unverified remote script execution and broad remote control capabilities constitutes a high-risk security practice.
- External report
- View on VirusTotal