Back to skill
Skillv1.2.0
VirusTotal security
Token Alert · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:06 AM
- Hash
- 20ae3ef042ad573eee857c73b573e83330a116104f7daeb40edcd013d7e5d21d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: token-alert Version: 1.2.0 The skill is classified as suspicious due to its use of a LaunchAgent for persistence on macOS (`scripts/setup-notifications.sh`, `scripts/notify.sh`), which is a high-risk capability, even if for a stated purpose (notifications). Additionally, the `proxy-server.py` and dashboard HTML files (`scripts/dashboard-v3.html`) contain a hardcoded `GATEWAY_TOKEN` (`d91a7a91e0d6bda8b6e3182467fda1f0bebd34c830263a4f`) for local API communication, which, while intended for local interaction, is generally poor security practice. The skill also accesses API keys from environment variables for external LLM providers (`scripts/providers/*.py`), which is expected for its functionality but adds to the overall risk profile.
- External report
- View on VirusTotal