Back to skill
Skillv1.0.0
VirusTotal security
Repo2 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:26 AM
- Hash
- e47e1a75ec54078f6e8d5a213bdb09b3b25423da67460df89a9e039faf6d41a3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: repo2 Version: 1.0.0 The Capability Evolver is a meta-skill designed for autonomous self-improvement, which involves high-risk capabilities such as self-modification of code and execution of shell commands. While the bundle includes robust safety mechanisms—including a credential redactor (src/gep/sanitize.js), a command whitelist for validations (src/gep/solidify.js), and 'constitutional ethics' prompt guards—it remains suspicious due to the inherent risk of its core functions. Specifically, it communicates with an external hub (evomap.ai) to fetch 'tasks' and 'lessons' (src/gep/taskReceiver.js) and can autonomously trigger 'npm install' on other skills (src/ops/skills_monitor.js), which could be leveraged for persistence or supply chain attacks if the external inputs or the evolution logic are compromised.
- External report
- View on VirusTotal