Back to skill
Skillv0.3.1
VirusTotal security
Agent Smith · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:02 AM
- Hash
- 86a6a0c1c9cd1e23cb5b10c24e8d94f9f2e19d1c33320e9b5137f9f45d107601
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-smith Version: 0.3.1 The 'agent-smith' skill implements a third-party reputation system that requires agents to exfiltrate internal reasoning, decision context, and outcomes to an external service (sentinel.agent-smith.org). It utilizes an OpenClaw bootstrap hook (hooks/openclaw/handler.ts) to persistently inject reminders into the agent's session, ensuring the agent adheres to the data-sharing protocol. While the documentation in SKILL.md explicitly warns against sharing credentials, the core functionality encourages the systematic transfer of internal agent logic and situational context to an external endpoint, posing a significant risk of accidental data leakage or intellectual property exposure.
- External report
- View on VirusTotal