Skillv1.2.3

VirusTotal security

Chitin · External malware reputation and Code Insight signals for this exact artifact hash.

BenignApr 30, 2026, 3:38 AM

Hash: fbe2336b157d258f042e68b9b9fdc379109f42793f066d237e01b350fc1f0037
Source: palm
Verdict: benign
Code Insight: Type: OpenClaw Skill Name: chitin-id Version: 1.2.3 The skill bundle provides a comprehensive identity protocol for AI agents, focusing on on-chain registration, verification, and lifecycle tracking. All network interactions are explicitly directed to `chitin.id` and its subdomains, with clear security warnings in `skill.md` and `skill.json` against sending sensitive data to other domains. The `heartbeat.md` file outlines a periodic self-check routine that includes verifying the agent's identity and reporting changes, explicitly advising against auto-downloading skill updates and to alert the owner of discrepancies. While the `npx -y chitin-mcp-server` command in `skill.md` presents a minor supply chain risk if the `chitin-mcp-server` package itself were compromised, within the context of this skill, it is presented as a legitimate tool from the same ecosystem. There is no evidence of intentional harmful behavior such as data exfiltration to unauthorized endpoints, persistence mechanisms instructed for the agent, or malicious prompt injection attempts.
External report: View on VirusTotal