Back to skill
Skillv1.0.0
VirusTotal security
Gia Openclaw Setup Guide · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:11 AM
- Hash
- 42f59a6f5dce8e9d27756fbeaf3acf35b8d22159111886803f54bbbb8d56b2e8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gia-openclaw-setup-guide Version: 1.0.0 The skill bundle contains a high-risk installation pattern in SKILL.md that instructs the agent to execute a remote script via 'curl -fsSL https://openclaw.ai/install.sh | bash'. While this aligns with the stated purpose of a setup guide, piping unverified remote content directly to a shell is a significant security vulnerability (RCE risk). No clear evidence of intentional malice or data exfiltration was detected, but the use of 'sudo chown' and daemon installation commands further increases the system impact of the provided instructions.
- External report
- View on VirusTotal