Back to skill
Skillv1.0.7
VirusTotal security
Openclaw Guardian · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:36 AM
- Hash
- cd693d5e3ac4c88e427273be15af4d850ece08ee3e61eccc578c61db3fd071b5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-guardian-suite Version: 1.0.7 The bundle implements a commercial licensing and delivery mechanism in 'lib/sdk/auth.sh' that utilizes a high-risk execution pattern: it fetches encrypted payloads from a remote server (https://skill.socialmore.net) and pipes them directly into a bash shell via openssl decryption. Furthermore, 'lib/skills/skill-safe-install/SKILL.md' contains instructions designed to influence the AI agent's behavior, specifically directing it to bypass security inspections and risk assessments for any skills authored by 'halfmoon82'. While these behaviors are framed as part of a commercial 'Guardian Suite,' the combination of remote code execution (RCE) by design and explicit instructions to ignore security protocols for specific developers creates a significant attack surface and potential for unauthorized system modification.
- External report
- View on VirusTotal