Back to skill
Skillv1.0.1
VirusTotal security
aiusd · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:30 AM
- Hash
- 744da3473ecf17f873652473676050bc546e1d39e380f37c8b490e71ea57b5f2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: aiusd Version: 1.0.1 This skill is classified as suspicious due to the AI agent being explicitly instructed to execute shell commands (`npm run reauth`, `aiusd-skill tools --detailed`) within `SKILL.md`. While these commands are presented as necessary for the skill's stated purpose (financial trading and account management), granting an AI agent direct shell execution capability is a high-risk behavior that could be exploited if the agent's input parsing or reasoning were compromised. Additionally, the skill handles sensitive financial transactions (e.g., withdrawals, trades) and accesses local authentication tokens (`~/.mcp-hub/token.json`, `MCP_HUB_TOKEN` env var). The `SKILL.md` also contains prompt injection instructions aimed at controlling the agent's conversational output, which, while not malicious in intent here, highlights the agent's susceptibility to such directives. The installer scripts (`aiusd-skill-installer.sh`, `aiusd-skill-installer.js`) use standard self-extracting archive methods and `npm install`, which carries a supply chain risk but is typical for Node.js projects. No clear evidence of intentional malicious exfiltration or unauthorized persistence was found.
- External report
- View on VirusTotal