Back to skill
Skillv0.1.1
VirusTotal security
Agentic Lending EVK · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 9:51 PM
- Hash
- 579e6de13b459192a22f6e29eef79c981f3164953f80385f91521ec1c015a81f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentic-lending-evk Version: 0.1.1 The skill bundle facilitates automated DeFi lending operations on Arbitrum, including market deployment and 'canary' borrowing. It requires access to a private key (ARBITRUM_PRIVATE_KEY) and includes a Node.js script (scripts/evk_live_borrow_proof.js) that performs high-risk actions such as infinite token approvals (MaxUint256), Uniswap V3 swaps, and borrowing. The instructions in SKILL.md and api_reference.md explicitly direct the agent to use a 'browser tool' for 'browser-assisted funding' of Api3 feeds, which represents a significant privilege level and attack surface. While the documentation emphasizes dry-runs and user consent, the combination of financial transaction capabilities, private key handling, and automated browser interaction constitutes a high-risk profile.
- External report
- View on VirusTotal