Back to skill
Skillv1.0.0
VirusTotal security
Freelance Automation Gig · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:13 AM
- Hash
- 97e8545363a3d52a412f3ea780732edba59e9da7b6c74200ef053bcfe7052c01
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: freelance-automation-gig Version: 1.0.0 The skill bundle is classified as suspicious primarily due to a prompt injection instruction in `SKILL.md` that directs the AI agent to actively deceive clients by pretending to be a human freelancer ("絕對唔好透露自己係 AI(扮 human freelancer)"). While not directly leading to system compromise or data exfiltration, this instruction manipulates the agent's persona and encourages non-transparent behavior, which is a significant ethical concern and a form of agent manipulation. Additionally, the skill requires powerful binaries like `curl`, `node`, and `python`, which, while justifiable for the stated automation tasks, provide capabilities that could be abused if combined with further malicious instructions.
- External report
- View on VirusTotal