Back to skill
Skillv1.0.0
VirusTotal security
Yyds.Auto · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 25, 2026, 10:51 PM
- Hash
- 2cc06a11ff61e1ceabdea495f8c67dd2a490e69833ea86c506456c7e4ea90dbb
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: yyds-auto Version: 1.0.0 The yyds-auto skill provides an extremely broad set of high-risk capabilities for controlling Android devices, including root shell access (run_shell), arbitrary Python code execution (run_python_code), and full file system access (read_file, write_file). While these tools are consistent with the stated purpose of Android RPA, they effectively turn the connected device into a remotely manageable target with minimal safeguards. The skill also includes features for installing APKs and managing Python environments, which could be leveraged for unauthorized persistence or data exfiltration if the AI agent is misdirected. (IOC: yydsauto.com, yyds-auto-mcp npm package).
- External report
- View on VirusTotal