Back to skill
Skillv0.1.0
VirusTotal security
Hypha Payment · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:13 AM
- Hash
- a0ae6e6df560b98b903e2dd84b1585aedb30f32a860cb23248e25d7ea27fedea
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: hypha-payment Version: 0.1.0 The skill bundle is classified as suspicious due to its inherent high-risk capabilities involving cryptocurrency transactions and direct handling of sensitive cryptographic material (private keys and seed phrases). The `SKILL.md` explicitly details how to instantiate a `Wallet` using a `private_key` and mentions an optional `PRIVATE_KEY` environment variable, which, if compromised or misused, could lead to significant financial loss. While there is no evidence of intentional malicious behavior like unauthorized data exfiltration or backdoors within the provided files (e.g., the 0.5% protocol fee is transparently documented in `references/network.md` and can be disabled), the core functionality itself presents a substantial attack surface and risk of misuse by a malicious actor or agent prompt.
- External report
- View on VirusTotal