Back to skill
Skillv1.0.5
VirusTotal security
Mem9 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:22 AM
- Hash
- ff4356fd4e16ff3dcf3e44940f55fbacf09a8bc3fef1ecdc0b57e5fec42a660a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mem9 Version: 1.0.5 The SKILL.md file contains a deprecation notice that instructs the AI agent to execute a shell command (`openclaw skills install c4pt0r/mem9-ai`) to install a skill from an external source (clawhub.ai). This pattern functions as a prompt injection that could lead to unauthorized software installation or supply chain redirection, although no explicitly malicious code or data exfiltration logic is present in the current bundle.
- External report
- View on VirusTotal