Back to skill
Skillv2.1.2
VirusTotal security
Auto Coding · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 8:02 AM
- Hash
- bb1d567a569e5a6bd234c79301276f961f4831328fe5bf30cb2805dc2e58038d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: auto-coding-correctversion Version: 2.1.2 The bundle contains multiple hardcoded, active-looking API keys for DashScope and MiniMax services across several test scripts (e.g., 9model_test.py, robust_9model_test.py, and test_minimax_m27.py). Additionally, llm_client_v2.py implements a high-risk execution pattern where it generates a temporary Python script and executes it via subprocess.run to interface with the Nanobot environment. While these appear to be architectural workarounds and leaked development credentials rather than intentional malware designed to exfiltrate user data, the combination of credential leaks and dynamic code execution poses a significant security risk.
- External report
- View on VirusTotal