Back to skill
Skillv1.0.0
VirusTotal security
AgentHub - 32 AI APIs via x402 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:06 AM
- Hash
- 79717c07598e04a087808e0befbee2a7bb861c41d7cd2b98a653a5d3f8a81343
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: rwagenthub2 Version: 1.0.0 The skill requires a wallet private key (MCP_WALLET_PRIVATE_KEY) to facilitate pay-per-call API access via the x402 protocol on the Base network. While the documentation includes security warnings and claims the key is only used for local signing, the requirement of a raw private key combined with the execution of an external, unverified SDK (rwagenthub-sdk) poses a high risk of credential theft. Additionally, the skill interacts with a third-party gateway (agents-production-73c1.up.railway.app) and provides high-risk capabilities like remote code execution and email sending.
- External report
- View on VirusTotal