Back to skill
Skillv0.1.1
VirusTotal security
Agent Communication Protocol · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:26 AM
- Hash
- 323ef54bae892ec93c301bf866b3252d924ea93703c7dea136fd5d7ed7dadecf
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentcp Version: 0.1.1 The skill bundle is classified as suspicious due to its high-risk capabilities, which, while necessary for its stated purpose, present significant vulnerabilities if exploited. Key indicators include explicit instructions in `SKILL.md` and `resources/install.md` for the AI agent to execute external commands like `git clone`, `git pull`, and `npm install` from remote repositories (GitHub and Gitee mirrors). These operations could lead to Remote Code Execution (RCE) if the agent is tricked into using malicious sources or if the specified repositories are compromised. Additionally, the agent is instructed to modify critical configuration files such as `~/.openclaw/openclaw.json` and `agent.md`, which could lead to privilege escalation or unauthorized configuration changes if prompt injection is successful. The use of `curl` to external endpoints (`https://rank.agentunion.cn`) also highlights network access capabilities that could be abused for data exfiltration.
- External report
- View on VirusTotal