Back to skill
Skillv1.3.5
VirusTotal security
Clawned - Protect your OpenClaw Instance and Scan Skills · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:26 AM
- Hash
- b28b5b41eb094cc5340469fd0d849ed05e76019e064d31adc534018173194d11
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawned Version: 1.3.5 The OpenClaw AgentSkills bundle 'clawned' is classified as benign. Its core functionality involves discovering installed skills, syncing their metadata to `api.clawned.io`, and optionally uploading skill source code for security analysis upon explicit user command (`scan --path`). The `SKILL.md` documentation clearly outlines data handling, specifying that file contents are only uploaded during an explicit `scan` action, and `.env` files/secrets are excluded from scanning. The `scripts/agent.py` code aligns with these claims, showing no evidence of unauthorized credential harvesting (e.g., `~/.ssh`, `~/.aws`), bulk environment variable exfiltration, malicious execution, persistence beyond its stated monitoring purpose, or prompt injection attempts in the markdown instructions. All network communication and file access are consistent with its stated purpose as a security agent.
- External report
- View on VirusTotal