Back to skill
Skillv1.0.1
VirusTotal security
天津安信华瑞科技有限公司-可燃气体报警器主机-配套技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousMar 28, 2026, 3:16 PM
- Hash
- 47b330d89a78696b5caf0787f45abfe0e2f1f3b4bf1f3947fc6fdc7c9567d56e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: tianjin-anxinhuarui-gas-monitoring-iot-skill Version: 1.0.1 The skill provides a functional IoT template for QuecPython modules that includes high-risk capabilities such as the collection and transmission of sensitive cellular identifiers (IMEI, IMSI, and CCID) to hardcoded remote endpoints (URL_CLIENT and URL_OTA in config.py). It also implements an Over-The-Air (OTA) update mechanism in main.py that downloads and executes remote payloads based on server responses without visible integrity or authenticity checks (e.g., digital signatures). While these features are aligned with the stated purpose of industrial gas monitoring, the combination of sensitive data exfiltration and unauthenticated remote code execution capabilities constitutes a significant security risk.
- External report
- View on VirusTotal