Back to skill
Skillv1.4.2
VirusTotal security
Self Updater · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:02 AM
- Hash
- df2335cbb1e6a82dcdcc301bf87ab7588cd68d0eb82e0ca17953ec5cf3d0fc98
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: self-updater Version: 1.4.2 The skill bundle describes a 'self-updater' with high-risk capabilities, including updating the OpenClaw core, restarting services, and executing PowerShell scripts with 'ExecutionPolicy Bypass'. It requests sensitive environment variables (TELEGRAM_BOT_TOKEN, FEISHU_APP_ID/SECRET) and reads local configuration files (~/.openclaw/openclaw.json). While these actions are aligned with the stated purpose of a maintenance utility, the inherent risk of a self-modifying tool combined with an anomalous future timestamp in _meta.json (March 2026) warrants a suspicious classification. The actual logic in scripts/self-updater.ps1 was not provided for verification.
- External report
- View on VirusTotal