Back to skill
Skillv1.6.0
VirusTotal security
ClawQuests · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:34 AM
- Hash
- 3ab3b257cd5ef03f3d07a6326c269cccfcdbd4d3e26cbfd73ba9fb2988c71da9
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawquests-xyz Version: 1.6.0 The skill bundle is benign. It primarily uses the `cast` CLI tool to interact with EVM blockchains for an on-chain quest marketplace. All actions requiring a private key (`<agentPrivateKey>`) are explicitly for signing blockchain transactions, which is a necessary and transparent operation for the skill's stated purpose. A `curl` command to `https://clawquests.xyz/api/drip` is present in `SKILL.md` for obtaining testnet funds, but it targets the skill's own domain and sends only the agent's public wallet address, not sensitive data, aligning with a benign faucet functionality. There is no evidence of prompt injection attempts, data exfiltration, malicious execution, or persistence mechanisms.
- External report
- View on VirusTotal