Back to skill
Skillv1.0.0
VirusTotal security
AES EMR YARN Analyzer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 6:21 AM
- Hash
- 2d37aff75e561296ceb5e2b1b64bf86b0a7610619ea3177505d2ee08fdc9d064
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: aes-emr-yarn Version: 1.0.0 The skill bundle contains hardcoded sensitive credentials, including an Aliyun AccessKey ID/Secret and SSH root passwords, both in 'config/config.yaml' and as fallback defaults in 'scripts/analyze_yarn.py'. The script is designed to execute shell commands via SSH on a specific hardcoded IP address (8.136.137.42). While the logic aligns with the stated purpose of YARN resource analysis, the inclusion of active-looking credentials and the use of SSH for remote command execution on a predefined host pose significant security risks, even though no explicit data exfiltration to an external attacker-controlled domain was found.
- External report
- View on VirusTotal