Back to skill
Skillv1.0.0
VirusTotal security
Clawpaw Android Control Template · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:18 AM
- Hash
- fae74703ce7877152317f1c873886d91197c98608830c2ea154b79565d6a45f4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawpaw-android-control-template Version: 1.0.0 The skill provides an extensive remote control interface for Android devices via the ClawPaw App, granting the AI agent access to highly sensitive data including SMS, contacts, call logs, photos, location, and the file system (SKILL.md, README_PERMISSIONS.md). While these capabilities are documented and intended for automation, the bundle includes tools for data exfiltration (e.g., file.read_base64, sms.list) and remote interaction (click, swipe, input) that could be easily abused. The Python controller (scripts/clawpaw_controller.py) also features a vision analysis component that sends screenshots and UI layouts to external LLM APIs, increasing the risk of sensitive data exposure.
- External report
- View on VirusTotal