Back to skill
Skillv0.0.0
VirusTotal security
5gc · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 21, 2026, 3:56 AM
- Hash
- 853e4d198a5d94cf57aafc0526c36dccceae8521be1d6835afa674d02a58a30b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: 5gc Version: 0.0.0 The skill bundle provides extensive automation for a 5G Core (5GC) web dashboard but contains several high-risk security practices. Most notably, it includes a hardcoded session file (5gc_session_192_168_3_89.json) containing active cookies and local storage tokens, alongside hardcoded credentials (dotouch@dotouch.com.cn) in multiple scripts like ue-add-skill.js and amf-add-skill.js. Furthermore, scripts/run-5gc-detached.sh and full_regression_detached.sh use 'nohup setsid' to intentionally detach processes from the OpenClaw agent's execution lifecycle. While these appear to be workarounds for platform-specific task timeouts (as documented in the included repro report), the combination of hardcoded secrets, session hijacking material, and execution-evasion techniques warrants a suspicious classification.
- External report
- View on VirusTotal