Back to skill
Skillv0.1.1
VirusTotal security
OpenBotAuth · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:33 AM
- Hash
- 0bf4f0f83ec65036c783687a63d67231f85f10aac56cc35937b7f17bd052a630
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openbotauth Version: 0.1.1 The skill implements a cryptographic identity system for AI agents, including key generation, registration, and request signing. It is classified as suspicious due to the implementation of a local HTTPS Man-in-the-Middle (MITM) proxy within `/tmp/openbotauth-proxy.mjs`. This proxy generates a local Certificate Authority (`~/.config/openbotauth/ca/ca.key`) and per-domain certificates using `openssl` to intercept and sign HTTPS traffic. While the skill demonstrates strong security awareness through robust input validation (`isValidHostname`), use of `execFileSync` with array arguments to prevent shell injection, secure file permissions (`0o600`), and explicit warnings about the sensitive nature of the CA key and token handling (including token deletion after registration), the inherent high-risk capability of a local MITM proxy warrants a 'suspicious' classification. There is no evidence of malicious intent, but the powerful nature of the operations performed is significant.
- External report
- View on VirusTotal