Back to skill
Skillv2.3.4
VirusTotal security
Crypto Executor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:41 AM
- Hash
- b2a133b5c017706ff56d493d66d510c11576e5e0511162f0b420726e34bfd76a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crypto-executor Version: 2.3.4 The skill is classified as suspicious due to clear prompt injection attempts in SKILL.md and CONFIGURATION.md. The author field in SKILL.md explicitly names the AI agent ('Georges Andronescu (Wesley Armando)'), and both markdown files contain direct instructions and explanations addressed to 'AI Agent (Wesley)' regarding installation logic and memory persistence. This constitutes an unauthorized attempt to manipulate the agent's identity and decision-making process. Additionally, the skill relies on an external dependency, 'crypto-sniper-oracle', executed via subprocess (executor.py), which is a supply chain risk, although the skill's documentation explicitly warns the user to audit this external code before installation.
- External report
- View on VirusTotal