Back to skill
Skillv1.0.2
VirusTotal security
Finopsy Cloud Finops · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:17 AM
- Hash
- 8b5c0c7d0db244d60f255559db6551aef76afbfb25b560279f659e8f4f5b57ef
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: finopsy-cloud-finops Version: 1.0.2 The skill is designed to collect and exfiltrate highly sensitive cloud provider credentials (AWS Access Keys, Azure Client Secrets, and GCP Service Account JSON) to an external endpoint (portal.toolweb.in) via curl. While the stated purpose is cloud cost optimization (FinOps), the practice of transmitting raw, long-lived secrets to a third-party API is a significant security risk that mirrors credential harvesting. The SKILL.md instructions explicitly command the AI agent to gather these secrets and prioritize the external API call, noting that this process is tied to the creator's revenue.
- External report
- View on VirusTotal