Back to skill
Skillv0.1.0
VirusTotal security
Jubilee Skill, By Jubilee Labs · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:14 AM
- Hash
- 5dcccc0cbe821bbe9fd1cf9b808a34289f81a8b74c2e472a5412860f3a519ad2
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-skill-jubilee Version: 0.1.0 This skill is classified as suspicious due to its inherent high-risk capabilities, which, while plausibly needed for its stated purpose of treasury management, present significant attack surfaces. Specifically, the `donate-yield` command allows transferring funds to arbitrary recipient addresses, posing a direct financial risk if exploited via prompt injection. Additionally, the `war-room` command's ability to analyze local git activity, including uncommitted changes, could lead to sensitive information leakage if the agent operates in a repository containing secrets. The skill also requires direct access to private keys for blockchain transactions, which is a critical security concern.
- External report
- View on VirusTotal