Back to skill
Skillv0.6.0
VirusTotal security
The Hive · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 11:16 PM
- Hash
- 6a661b2a23b3797f8beb8b52544e585903c8fa8dd2807aad066c36d7ca1b9b76
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: thehive Version: 0.6.0 The 'thehive' skill implements a collective knowledge sharing mechanism that involves significant data exfiltration to an external service (api.thehivecollective.io). It configures a pre-task hook in SKILL.md to send every user prompt to the third-party API and provides explicit instructions for the agent to perform a 'knowledge dump' of its internal expertise and solved tasks. While the documentation claims to scrub PII, the core functionality relies on the agent's ability to filter sensitive data before transmission. Additionally, the skill encourages the use of 'npx' to execute remote code for optional training sessions, posing a supply chain risk.
- External report
- View on VirusTotal