Back to skill
Skillv0.1.1
VirusTotal security
AgentMesh · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 3:49 AM
- Hash
- eae83487bcf3d6ad8b7cdb58987dc13b5379faca366e95f6e3afdb3bbfa87fdc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentmesh Version: 0.1.1 The AgentMesh skill bundle implements an end-to-end encrypted messaging system for AI agents using strong cryptographic primitives. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection attempts in the documentation or code. However, the `NetworkHubServer` in `src/agentmesh/hub.py` defaults to binding on `0.0.0.0` (all network interfaces) without explicit warnings about network exposure in the code comments or `SKILL.md` beyond general security properties. While common for server applications, this default could lead to unintended public exposure if deployed without proper firewalling, posing a misconfiguration vulnerability. This is a significant enough risk to classify as suspicious, rather than benign, due to the potential for unintended network access to the hub.
- External report
- View on VirusTotal