Back to skill
Skillv1.0.1
VirusTotal security
Openclaw Remote Install · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:10 AM
- Hash
- e38a16a16547a98e747871aaed00aa96c327fe0ded0e9d142e125c696a3aa319
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-remote-install Version: 1.0.1 The bundle provides tools for remote installation and configuration of OpenClaw via SSH. It includes a bash script (install_openclaw_remote.sh) and a Python script (configure_openclaw_remote.py) that handle SSH credentials and execute remote commands, including 'curl | bash' installers from openclaw.ai. While these capabilities are aligned with the stated purpose of remote deployment, they involve high-risk patterns such as disabling SSH host key verification (StrictHostKeyChecking=no), using sshpass for password authentication, and handling sensitive API keys. No evidence of intentional malice or data exfiltration was found, but the broad remote execution capabilities and credential handling warrant a cautious classification.
- External report
- View on VirusTotal