Back to skill
Skillv3.0.2
VirusTotal security
Agent-to-Owner File Bridge · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:13 AM
- Hash
- 523649acd36113587239cf11ea72854347fc3d646e256e10bf454164d6295336
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: file-links-tool Version: 3.0.2 This skill facilitates data exfiltration and remote access by instructing the agent to run a local web server and expose it to the public internet via tunneling services like localtunnel or localhost.run. It also directs the agent to download and execute external code (server.py) from a GitHub repository (github.com/mrbeandev/OpenClaw-File-Links-Tool). While the instructions in SKILL.md emphasize obtaining explicit user consent for these high-risk actions, the combination of remote code execution and public network exposure creates a significant attack surface and a mechanism for unauthorized data transfer.
- External report
- View on VirusTotal