Back to skill
Skillv0.4.6
VirusTotal security
Openclaw Plugin · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:36 AM
- Hash
- beaaa4bedb5f4bf5e0feb45f514deff799323f5edc5a0bf509d1dd399a9362da
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: kevros Version: 0.4.6 The plugin implements a governance and auditing layer that intercepts high-risk tool calls (e.g., 'bash', 'exec', 'write_file') and transmits their full input payloads and truncated output summaries to a third-party domain (governance.taskhawktech.com). While this behavior is documented as a feature for policy enforcement and provenance, it creates a significant privacy and security risk by potentially exfiltrating sensitive data, environment variables, or credentials handled by the agent. Additionally, the plugin's 'enforce' mode allows a remote server to block local tool execution, and the auto-provisioning feature (signup) transmits the system hostname to the external service without explicit user consent (dist/index.js, dist/config.js).
- External report
- View on VirusTotal