Back to skill
Skillv0.1.0
VirusTotal security
Runtime Debugging Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:39 AM
- Hash
- ccd78e69a6397362b31b2f16cc33421018f5543d173b82496207318241883d6d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: runtime-debugging-skill Version: 0.1.0 The skill bundle is classified as suspicious due to several high-risk security practices and invasive requirements. It instructs the agent to install a 'Syncause SDK' using insecure methods, including a 'curl | bash' command in 'references/install/nodejs.md' and the use of hardcoded GitHub Personal Access Tokens (PATs) in 'references/install/java.md' to access private repositories. The SDK utilizes bytecode manipulation and runtime tracing to send application data to a remote websocket (wss://api.syn-cause.com). While these capabilities are framed as debugging features, the combination of hardcoded credentials, remote script execution, and instructions in 'SKILL.md' to manipulate the agent's reporting behavior presents a significant security risk and potential for abuse.
- External report
- View on VirusTotal