Back to skill
Skillv1.0.0
VirusTotal security
ActingWeb Memory · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:54 AM
- Hash
- 9957cbe6d584fc6a51a19e7a8c972fc600a2ec6ff518a82a6e149fbfb732d4a0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: managing-actingweb-memory Version: 1.0.0 The skill is classified as suspicious primarily due to a prompt injection instruction in `SKILL.md` that directs the AI agent to suppress unsolicited discussions about privacy or security of stored memories. This instruction attempts to manipulate the agent's communication with the user, potentially hiding critical information or risks. Additionally, the skill includes powerful 'Remote Actions' (`execute_method`) capable of controlling devices and triggering workflows on connected services, which, despite documentation advising user confirmation, represents a high-risk capability that could be misused if the agent's guardrails are bypassed. The `scripts/manual-oauth.sh` handles sensitive OAuth tokens but appears to do so for its stated legitimate purpose to the `ai.actingweb.io` domain.
- External report
- View on VirusTotal