Back to skill
Skillv1.0.0
VirusTotal security
hive-mind · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:18 AM
- Hash
- 658ab481fccbf8dcaf793baa54376cf273153ddaf21135bb7c7a7c3d607cee94
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: hive-mind Version: 1.0.0 The skill is classified as suspicious due to its use of high-risk capabilities, specifically making external network calls via `curl` to provision a database and storing database credentials (DSN) in an unencrypted plaintext file (`~/.openclaw_hive_mind_dsn`) on the local filesystem. While the `curl` command in `run.py` is hardcoded to a legitimate API endpoint and the credential storage is for the skill's own operation, these actions represent significant security risks. The local storage of credentials could be exploited if the agent's environment is compromised, and the external network call, even if currently benign, demonstrates a capability that could be misused in other contexts. There is no evidence of intentional malicious behavior like data exfiltration of unrelated secrets or arbitrary code execution, and the prompt instructions in `SKILL.md` and `PROTOCOL.md` align with the stated purpose.
- External report
- View on VirusTotal