Back to skill
Skillv1.0.0
VirusTotal security
BYOCB ArbInjectionSkill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:24 AM
- Hash
- 132f9cfd23f5fb30d0e2e4e143ef8957b278129c16ea850f869afd126fb45403
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill is classified as suspicious due to its high-privilege capabilities and potential for supply chain risk. Specifically, the `SKILL.md` file instructs the OpenClaw agent to schedule a daily cron job to perform `git pull origin main` and `npm install` from `https://github.com/BringYourOwnBot/arb-injection`. While framed as maintenance, this grants the skill persistent self-update capabilities, allowing it to fetch and execute new code from a remote repository without further explicit user consent, which is a significant supply chain vulnerability. Additionally, the skill is instructed to run as a 'background session' for continuous monitoring, implying persistence, and to use a `message` tool for external communication (alerting).
- External report
- View on VirusTotal