Back to skill
Skillv2.0.0
VirusTotal security
Clawd Throttle · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:35 AM
- Hash
- 87a8b3d18f390f1c500482c84b05b2cc9a4308586dc0c2503b6bacd5c8640db9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawd-throttle Version: 2.0.0 The OpenClaw AgentSkills skill bundle 'clawd-throttle' is classified as suspicious due to a potential vulnerability related to environment variable handling. While the skill's core functionality is benign (routing LLM requests), it allows overriding LLM provider base URLs (e.g., `ANTHROPIC_BASE_URL`, `GOOGLE_AI_API_KEY`) via environment variables, as seen in `src/config/index.ts` and `src/proxy/dispatcher.ts`. If an attacker can control the environment variables of the process running this skill, they could redirect LLM API calls to a malicious server, potentially exfiltrating prompt content and API keys. This is a risky capability that, while having legitimate uses, presents a data exfiltration vulnerability without clear malicious intent within the skill's own code.
- External report
- View on VirusTotal