Back to skill
Skillv1.1.0
VirusTotal security
Openclaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:39 AM
- Hash
- 5bf51097c699422113d3b4bbdbcf91505ed00c1a49519ae334c4f128b359e8ee
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: demarkus Version: 1.1.0 The skill implements a persistent memory system for agents using a custom protocol (mark://) and requires high-privilege setup steps. It directs the agent to perform a 'curl | bash' installation from a remote GitHub repository (latebit-io/demarkus), installs a background daemon, and opens network ports (UDP 6309 via ufw). While these actions are consistent with the stated goal of running a local/remote document server, the use of unverified remote scripts and the handling of system-level tokens (/etc/demarkus/initial-token.txt) represent significant security risks.
- External report
- View on VirusTotal