Back to skill
Skillv1.0.0
VirusTotal security
Defipoly · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:37 AM
- Hash
- 614f8da9210be42e6291be249df267aa1ce304bcc9cae8ea6704b7edb84530df
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: defipoly Version: 1.0.0 The bundle is classified as suspicious primarily due to instructions in SKILL.md that direct the AI agent to perform broad filesystem searches for sensitive Solana wallet files (~/.config/solana/id.json and other .json files in project directories). While framed as a setup helper, this encourages the agent to access and potentially expose private key material. The script scripts/agent-play.js implements a 'build-sign-submit' pattern where transactions are constructed by a remote backend (api.defipoly.app) and signed locally; while common in DeFi, this creates a high-risk path for transaction hijacking if the backend is compromised. The inclusion of an 'aggressive' gameplay persona that 'steals' from others provides a social engineering pretext that could mask actual malicious activity.
- External report
- View on VirusTotal