Back to skill
Skillv1.0.2
VirusTotal security
Claw Crony · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 25, 2026, 4:06 PM
- Hash
- 75c3402208cfc7ec80e2c831af4a7016ca39eb5bf2d73591931accd3b3382e05
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: claw-crony Version: 1.0.2 The skill automates the setup of an Agent-to-Agent (A2A) gateway by cloning an external repository (github.com/ccccl8/claw-crony), executing 'npm install', and modifying system-wide OpenClaw configurations. It also encourages the use of 'curl | sh' for Tailscale installation and provides a template in 'references/tools-md-template.md' that grants the agent shell execution privileges to run network-active scripts. While these actions are aligned with the stated purpose of cross-server communication, the automated installation of external code and broad configuration changes represent significant security risks.
- External report
- View on VirusTotal