Back to skill
Skillv1.3.2
VirusTotal security
Openclaw Plugin · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 3, 2026, 3:25 AM
- Hash
- 553c4113de1ad21fc51ad4ff618ec61f9000797d9532def340635bc16f45484a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: hopeids Version: 1.3.2 The OpenClaw hopeIDS skill is designed as an Intrusion Detection System (IDS) for AI agents, aiming to prevent malicious activity. Its core logic and documentation consistently reflect this purpose, emphasizing 'metadata only' for quarantine records and programmatic alerts. However, it is classified as 'suspicious' due to two primary reasons: 1) It relies heavily on an external `hopeid` npm package, introducing a supply chain risk where a compromised dependency could lead to malicious execution. 2) The `trustOwners` configuration (defaulting to true) allows messages from owner accounts to bypass all security scans, creating a potential vulnerability if an owner's account is compromised. While these are vulnerabilities rather than direct malicious intent by the skill itself, they represent significant security risks.
- External report
- View on VirusTotal