Back to skill
Skillv1.0.3
VirusTotal security
x402-cli · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:30 AM
- Hash
- 06edec7e3eb156ec1906408bc1f55c72a7921898358f2107711d2c88d29531dd
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: x402-cli Version: 1.0.3 The skill bundle is classified as suspicious due to its core functionality requiring and utilizing an `EVM_PRIVATE_KEY` for cryptocurrency payments, as specified in `SKILL.md` and `clawhub.json`. While this capability is essential for the tool's stated purpose and the documentation explicitly warns users to use a dedicated low-value wallet, the inherent high risk associated with handling private keys by an automated agent warrants a 'suspicious' classification. There is no evidence of malicious intent, such as unauthorized data exfiltration, persistence mechanisms, or prompt injection attempts to subvert the agent's behavior beyond the tool's stated function.
- External report
- View on VirusTotal