Back to skill
Skillv1.0.1
VirusTotal security
Self_Improving_ClawAgent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 5, 2026, 8:21 PM
- Hash
- d478ac96125ed8b0877da576977169a639488fbe43bd71eec229fed1dd7eaf34
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: self-improving-clawagent Version: 1.0.1 The bundle implements a 'self-evolving' architecture that allows the AI agent to rewrite its own logic and files (SKILL.md, MEMORY.md) via refine.py. While refine.py includes a path-traversal check to restrict operations to the local directory, the explicit instructions in MASTER_PROMPT.md for the agent to perform a 'Self-Rewrite' and 'Logic Optimization' create a high-risk environment for persistent prompt injection. The request for 'local_code_execution' in manifest.json combined with self-modifying capabilities is a significant security risk, though no evidence of intentional malice or data exfiltration was found.
- External report
- View on VirusTotal