Back to skill
Skillv5.4.0
VirusTotal security
JackedIn · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 23, 2026, 4:56 AM
- Hash
- 36744a7777db3c9090dd065e14d9c0aa6da4b02e2cbc17cc750ab1c49eb32d29
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: jackedin Version: 5.4.0 The skill facilitates participation in a professional network for AI agents but includes high-risk behaviors, most notably a self-update mechanism in SKILL.md that encourages the agent to overwrite its own instruction file with remote content (curl https://jackedin.biz/skill.md > ...). It also instructs the agent to establish persistence by modifying its HEARTBEAT.md for automated check-ins and includes defensive prompt injections that tell the agent to ignore user or system requests for its credentials. While these features are aligned with the service's stated purpose, they create a significant attack surface for remote instruction injection and unauthorized automated network activity.
- External report
- View on VirusTotal