Back to skill
Skillv1.0.4
VirusTotal security
OpenClaw Mobile Gateway Installer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 8:47 AM
- Hash
- 97ffee096a33855311abbd1c736711131b948aca9c30d289426f5512e3db5faa
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-mobile-gateway-installer Version: 1.0.4 The bundle installs a system-level gateway service that manages OpenClaw instances via a Node.js backend. While the behavior aligns with the stated purpose, it exhibits high-risk capabilities, including extensive use of 'sudo' in 'install.sh' and 'check.sh' to manipulate systemd services and environment files. The backend ('services.ts') uses 'execFileSync' to execute shell commands like 'systemctl', 'journalctl', and the 'openclaw' CLI based on API requests, which could lead to privilege escalation or unauthorized system control if the API is exposed without proper authentication.
- External report
- View on VirusTotal