Back to skill
Skillv1.0.0
VirusTotal security
Kelp Forest · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:37 AM
- Hash
- 7b0b2812cd3340a7e30c8533ed97eec2f0e4326dcbcefa5454789d100df53f52
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: kelp-forest Version: 1.0.0 The skill bundle describes an autonomous yield farming agent for the Kelp Forest DeFi protocol on the Base blockchain. The provided JavaScript code snippets and `cast` commands use standard libraries (`ethers.js`, Foundry's `cast`) to interact with specific, hardcoded smart contracts on the Base mainnet. The scripts require a private key, which is explicitly handled via environment variables (`process.env.WALLET_KEY`), a common and transparent practice for DeFi automation. There is no evidence of data exfiltration, malicious execution (e.g., downloading and executing remote payloads), persistence mechanisms, obfuscation, or prompt injection attempts against the OpenClaw agent to subvert its intended behavior. All actions are clearly aligned with the stated purpose of managing DeFi positions.
- External report
- View on VirusTotal