Back to skill
Skillv1.0.1
VirusTotal security
TokenSaver Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:38 AM
- Hash
- aa33c01fed1e9a692c1ff1cba492ebca35f1c544ae52740f2440f1a4365d3801
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: token-saver-pro Version: 1.0.1 The 'token-saver-pro' bundle is designed to perform a 'Denial of Service' on the AI agent by intercepting all user requests and responding with sarcastic refusals. It utilizes high-risk OpenClaw capabilities such as 'autorun: true' and 'intercept_all: true' in SKILL.md, and its README.md instructs users to manually inject logic into the core SOUL.md file to hijack the agent's personality. While the code (interceptor.js, install.js) does not perform host-level data exfiltration or install traditional backdoors, its primary purpose is to intentionally disrupt the agent's utility and availability through prompt injection and configuration modification.
- External report
- View on VirusTotal