Back to skill
Skillv1.0.7
VirusTotal security
Pinata ERC-8004 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:16 AM
- Hash
- eec7dbda86f0f416227b13a2fec3bc2dc89db4028c7eed438818573546122bbd
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: pinata-erc-8004 Version: 1.0.7 The skill facilitates on-chain registration of AI agents using the ERC-8004 standard, requiring high-risk credentials including a 'PRIVATE_KEY' and 'PINATA_JWT' (SKILL.md). While the instructions include extensive security guardrails—such as mandatory confirmation protocols, strict domain allowlisting (api.pinata.cloud, base.org), and hardcoded contract addresses—the inherent capability to sign blockchain transactions and manage sensitive secrets constitutes a high-risk profile. The reliance on the AI agent's instruction-following to prevent credential leakage and unauthorized asset transfers is an architectural risk that warrants a suspicious classification despite the lack of clear malicious intent.
- External report
- View on VirusTotal