Back to skill
Skillv1.0.0
VirusTotal security
Node Transfer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:33 AM
- Hash
- a1421fd4f5291083ecf365588284ecc5f9d4d1c4e300b7fe200c2937c354ce77
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: node-transfer Version: 1.0.0 The OpenClaw AgentSkills skill bundle `node-transfer` is designed for high-speed, memory-efficient file transfer between nodes. All scripts (`send.js`, `receive.js`, `deploy.js`, `ensure-installed.js`) and documentation (`SKILL.md`, `CONTRIBUTING_PROPOSAL.md`, `INVESTIGATION_REPORT.md`, `README.md`) are clearly aligned with this stated purpose. The file transfer mechanism uses HTTP streaming with a one-time, token-based authentication and auto-shutdown, which are reasonable security measures for its function. The `deploy.js` script generates PowerShell commands to install the skill's own scripts, using Base64 encoding for reliable transport, not obfuscation of malicious payloads. There is no evidence of data exfiltration, unauthorized execution, persistence, or prompt injection attempts against the agent in any of the analyzed files.
- External report
- View on VirusTotal