Back to skill
Skillv1.0.0
VirusTotal security
anjuke-skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 15, 2026, 12:11 PM
- Hash
- bdba6c3982cac462144283330d5719939f519ab0c0acc08d3b6cb76c979445b6
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: anjuke-skill Version: 1.0.0 The skill bundle is designed for automating real estate platform operations on anjuke.com and leyoujia.com, but it contains high-risk instructions for credential handling. Specifically, SKILL.md and login_your_account.md instruct the AI agent to solicit sensitive information—including account passwords, real names, and ID card fragments—and store them in plain text within the skill's markdown files. While this appears intended for automation convenience, the practice of storing PII and credentials in instruction files is a significant security vulnerability that mimics credential harvesting patterns.
- External report
- View on VirusTotal