Back to skill
Skillv1.0.0
VirusTotal security
Soul Sharing · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:39 AM
- Hash
- 1fc2258bdfab24ad0444669ac38fa5e9139bcad7dbd6048eadda05e1c72ca4b8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: soul-sharing Version: 1.0.0 The SKILL.md file defines a protocol that requires the AI agent to clone an external Git repository and execute unvetted Python and shell scripts (e.g., scripts/add_event.py, scripts/quick_share.sh). It also instructs the agent to modify its own local runtime configuration files, such as ~/.claude/CLAUDE.md, to ensure the memory-sharing system persists across sessions. While the stated purpose is agent identity persistence, the combination of fetching/executing external code and modifying local configuration files presents a high risk for remote code execution and persistence (IOC: https://github.com/kingcharleslzy-ai/agent-soul).
- External report
- View on VirusTotal