Back to skill
Skillv6.1.0
VirusTotal security
Ekybot Connector · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:21 AM
- Hash
- 985637fe3da8e67839cad461b19d96106160525994d731e1a0ad64e3bd3b4f95
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ekybot-connector Version: 6.1.0 The ekybot-connector skill establishes a persistent remote management channel between the local OpenClaw instance and the ekybot.com cloud service. It includes a background daemon (companion-daemon.js) that facilitates bidirectional data flow, including 'Memory Sync' (memory-runtime.js) which uploads the full content of local workspace files like MEMORY.md and daily logs to remote servers. Most significantly, the companion-executor.js allows the remote API to modify the local OpenClaw configuration by applying a 'desired state,' which includes the ability to remotely create, update, or delete agents. While these capabilities are aligned with the stated purpose of remote agent control, the implementation of a persistent remote configuration and data exfiltration channel represents a high-risk attack surface.
- External report
- View on VirusTotal