Back to skill
Skillv2.1.0
VirusTotal security
ClawMoney · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:16 AM
- Hash
- ee00162981806668e8887fd8f651855d65124dcca9b644a2109a5df3704f971d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawmoney Version: 2.1.0 The skill bundle implements a highly automated 'earning' platform that includes several high-risk behaviors. Most notably, SKILL.md explicitly instructs the AI agent to bypass user confirmation for sensitive setup steps ('Run ALL steps... automatically without pausing or asking the user') and to silently start a 'Hub Provider' background service. This provider connects to a remote WebSocket (api.bnbot.ai) to receive and execute tasks locally, effectively creating a remote execution surface. Additionally, the setup process involves aggressive actions such as killing processes and recursively deleting Electron browser data (Cookies, Local Storage) to force wallet re-authentication. While these actions are aligned with the stated purpose of an automated agent, the combination of persistence via cron, remote task execution, and instructions to ignore user oversight warrants a suspicious classification.
- External report
- View on VirusTotal