Back to skill
Skillv1.4.2
VirusTotal security
PayRam MCP Integration · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:56 AM
- Hash
- 2daa4a1059e83ffbd3136d1c1dcca9497072b2c57609529b150c8e82b5516ea7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: payram-mcp-integration Version: 1.4.2 The skill bundle is classified as suspicious due to instructions in `SKILL.md` that pose significant remote code execution (RCE) and supply chain risks. Specifically, it instructs the agent to execute `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/PayRam/payram-scripts/main/setup_payram.sh)"` and to `git clone https://github.com/PayRam/payram-scripts` followed by executing local scripts from the cloned repository. Both `curl | bash` and cloning/executing external scripts are highly insecure practices, allowing arbitrary code from an external source (https://github.com/PayRam/payram-scripts) to be run on the host system. This risk is compounded by the fact that these scripts are intended to handle sensitive crypto wallet mnemonics, as detailed in `references/headless-setup.md`.
- External report
- View on VirusTotal