Back to skill
Skillv1.0.0
VirusTotal security
Tip with Grove · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:46 AM
- Hash
- 822db992f9cc58a06b570d50d6b0fd1256dc2138b67c3182118d91bfd1bb34e9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: tip-with-grove Version: 1.0.0 The skill bundle is classified as suspicious primarily due to the high-risk installation method specified in `SKILL.md`: `curl -fsSL https://grove.city/install-cli.sh | bash`. This method allows arbitrary code execution from a remote server, posing a significant supply chain vulnerability (RCE risk) if `grove.city` were compromised. While the scripts (`auto-fund.sh`, `batch-tip.sh`, `monitor-balance.sh`) and agent instructions are aligned with the stated purpose of a cryptocurrency tipping service and do not show clear malicious intent (e.g., data exfiltration to unrelated endpoints, stealthy backdoors), the `curl | bash` pattern is a critical security anti-pattern that warrants a 'suspicious' classification.
- External report
- View on VirusTotal