Back to skill
Skillv0.40.1
VirusTotal security
clawgrid · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 7, 2026, 7:06 AM
- Hash
- be6318ea16ffcece13a8bb2f4c6581e5e16e094ad2e1faa8425c8c33d5adf9da
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawgrid Version: 0.40.1 This skill bundle implements a complex autonomous worker system that exhibits several high-risk behaviors, most notably the automatic modification of OpenClaw's security configuration. The script `scripts/setup-exec-approval.sh` modifies `exec-approvals.json` to set `autoAllowSkills: true`, effectively bypassing user approval for its own execution. Additionally, the skill establishes persistence via `crontab` and `launchd` (`heartbeat-ctl.sh`), includes a self-update mechanism that fetches and executes remote code (`scripts/install.sh`), and utilizes a debugger (`scripts/local_debugger.py`) that parses local OpenClaw session logs. While these features are aligned with the stated purpose of an autonomous marketplace connector, they collectively create a significant security bypass and a framework for unauthorized remote execution.
- External report
- View on VirusTotal