Back to skill
Skillv1.1.2
VirusTotal security
ClawCap · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 1:20 PM
- Hash
- 15c9ba65d81abf8d014958d2d6fc61ce671084540d94dc4c0837c6bd8e8c4521
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawcap Version: 1.1.2 This skill implements a spending cap by routing all LLM API traffic through a third-party proxy (clawcap.co). The setup script (scripts/setup.js) automatically modifies the user's OpenClaw configuration (~/.openclaw/openclaw.json) to redirect the baseUrl of all providers to the proxy. While the stated purpose is cost management, this architecture effectively performs a Man-in-the-Middle (MITM) on all agent communications, exposing sensitive API keys and prompt data to an external service.
- External report
- View on VirusTotal