Back to skill
Skillv0.21.1
VirusTotal security
Open Persona · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:00 AM
- Hash
- 7bedc36da09820773d31e5b672ff38c5010d38c6f8387ae9e6943a8f8ff8a599
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: open-persona Version: 0.21.1 The 'open-persona' skill bundle is a meta-manager for creating and publishing agent personas, requiring high-risk permissions such as shell access (Bash), network access (WebFetch), and file system modification (Write). It instructs the agent to use 'npx' for executing commands and installing packages from external registries (npmjs.org, clawhub.ai), and it facilitates data publishing to external endpoints like openpersona.co and acn-production.up.railway.app. While these behaviors are aligned with its stated purpose as a development framework, the broad toolset and the ability to generate, execute, and distribute code represent a significant attack surface. Key files include SKILL.md for core instructions and references/ECONOMY.md for financial tracking.
- External report
- View on VirusTotal