Back to skill
Skillv0.1.4
VirusTotal security
Archon Keymaster · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:34 AM
- Hash
- 956f928992ccde97a6c8e3f3b942e4c9c571e2d16bcd365a457714ed982aa3c7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: archon-keymaster Version: 0.1.4 This skill is classified as suspicious due to the presence of a remote code execution (RCE) vulnerability and inherent high-risk sensitive data handling. The `SKILL.md` instructs users to execute `curl -sSL ... | sh` from a third-party GitHub repository (`fiatjaf/nak`), which allows arbitrary code execution from an external source. Additionally, the skill explicitly handles and stores highly sensitive cryptographic data, including passphrases and private keys, in local files (`~/.archon.env`, `~/.archon.wallet.json`, `~/.clawstr/secret.key`), and performs `npm install` of third-party packages in `scripts/nostr/derive-nostr.sh`, introducing supply chain risks. While these actions are part of the skill's stated purpose, the RCE vulnerability and the critical nature of the data handled elevate the risk beyond benign, despite no clear evidence of intentional malicious behavior.
- External report
- View on VirusTotal