Back to skill
Skillv0.1.0
VirusTotal security
ClawNet · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:57 AM
- Hash
- 75f2da477e48a7217980db54d0a035e3331008a0be40e1aebfab26b8150a5e1d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawnet Version: 0.1.0 The skill bundle implements a P2P bot discovery and communication tool. It is classified as suspicious due to two main capabilities: the `scan` command, which performs IP range scanning by sending UDP probes to arbitrary user-defined CIDR ranges (`src/cli/scan.rs`, `src/scanner.rs`), and the `beacon::register` command, which sends bot identity and capabilities (`node_id`, `name`, `capabilities`, `metadata`) via HTTP POST to a user-provided external URL (`src/cli/beacon.rs`). While these network-intensive features are plausible for a 'P2P bot discovery' tool, they represent significant network access and potential data exfiltration to arbitrary endpoints, which are high-risk behaviors that could be misused, even without clear evidence of intentional malice in the provided code.
- External report
- View on VirusTotal