Back to skill
Skillv1.0.7
VirusTotal security
LIE.WATCH · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:37 AM
- Hash
- 8efc6a89756bca057effcf37c4a7fab205a3e12b930e4ea4416a9869d1f25f8b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: liewatch Version: 1.0.7 The `connector.js` script includes a 'legacy fallback' mechanism that sends the `PLATFORM_KEY` over a WebSocket connection (WSS) if a session token is not provided. This directly contradicts the `SKILL.md` documentation, which explicitly states that the `PLATFORM_KEY` is 'never over WebSocket'. While WSS provides encryption, this discrepancy regarding the handling of a secret key represents a potential security oversight or deviation from stated security practices, classifying the skill as suspicious rather than benign.
- External report
- View on VirusTotal