Back to skill
Skillv1.0.1
VirusTotal security
PPQ.AI Private Mode · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:00 AM
- Hash
- 1164b5dc7f5b12b95a450a15fc9fa60a7d6f31bdc86ef5b6546eda14b63ba043
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ppq-private-mode Version: 1.0.1 The skill instructions direct the AI agent to perform high-risk system modifications, including installing a plugin from an external GitHub repository (https://github.com/PayPerQ/ppq-private-mode-proxy), modifying the core `~/.openclaw/openclaw.json` configuration file, and restarting a systemd service. While these actions are consistent with the stated purpose of installing the PPQ.AI Private Mode extension, the requirement for the agent to execute shell commands for remote code installation and system configuration changes represents a significant security risk and attack surface, as defined in the analysis criteria for risky capabilities.
- External report
- View on VirusTotal