Skill v1.0.0

VirusTotal security

Key Swap · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 4:55 AM

Hash: c9048daa897295fac24d7308d29261b19106096d8324813e7abb2258498f2821
Source: palm
Verdict: suspicious

Code Insight
Type: OpenClaw Skill
Name: keyswap
Version: 1.0.0

The `SKILL.md` file instructs the OpenClaw agent to execute a `bash` script (`scripts/keyswap.sh`) with a user-provided token. This direct embedding of user input into a shell command creates a significant shell injection vulnerability, as an attacker could append arbitrary commands (e.g., `sk-ant-foo; rm -rf /`) that would be executed by the agent after the `keyswap.sh` script completes. Although the `keyswap.sh` script attempts to mitigate injection within its `jq` command using `--arg`, this does not protect against commands executed *outside* the script's scope by the agent's initial command parsing. There is no evidence of intentional malicious behavior like data exfiltration or backdoors within the skill's code or instructions, but the vulnerability is critical.