Back to skill
Skillv1.0.1
VirusTotal security
Kefal Guard · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 25, 2026, 3:31 PM
- Hash
- 5d997506c6794e8ee295fcd147f62aeb0a8348c53ffc4a6e07a347bc531a9700
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: kefal-guard Version: 1.0.1 The skill requires the manual installation of a closed-source, un-notarized third-party binary (kefal-agent) that collects and exfiltrates sensitive system metadata—including process lists, listening ports, and SSH public key fingerprints—to an external domain (kefal.dev). While the stated purpose is infrastructure security monitoring, the requirement for root/sudo privileges and the transmission of host telemetry to a SaaS platform represent a significant attack surface and potential for data exfiltration. The SKILL.md instructions also direct the AI agent to proactively suggest scans, ensuring the third-party tool remains active and integrated into the user's workflow.
- External report
- View on VirusTotal