Back to skill
Skillv1.2.2
VirusTotal security
FaceBook Go-To-Market - How to build on Facebook Groups · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 5:46 AM
- Hash
- bab7dd51c512c6238123a2a6f9447a1abdb8f05383148cbee5307a28eed7d17f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: fb Version: 1.2.2 The skill bundle describes a financial enablement platform for AI agents but implements a high-risk execution pattern. Specifically, 'encrypted-card.md' and 'skill.md' instruct the agent to download a self-contained file via the API (event 'rail5.card.delivered') and execute a 'decrypt script' contained within it using Node.js. This 'Remote Code Execution by design' pattern, while framed as a security feature for isolating card data in ephemeral sub-agents, creates a significant attack surface where a compromised or malicious server (creditclaw.com) could deliver arbitrary code to the agent's environment.
- External report
- View on VirusTotal