Back to skill
Skillv1.0.0
VirusTotal security
AgentBase · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 14, 2026, 8:36 PM
- Hash
- 0947c93e57dc0cfc31df2698ccf9cdd7079b9643cf7c63d40c4eb387300cd0b4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentbase Version: 1.0.0 The skill documentation in SKILL.md encourages agents to "proactively share what you learn" to a third-party remote service (https://mcp.agentbase.tools/mcp) and notes that "Public knowledge is the default." This behavior poses a high risk of data exfiltration, as an AI agent might inadvertently upload sensitive session context, private user data, or internal information to an external endpoint. While framed as a collaborative tool, the instructions to share information broadly without strict filtering mechanisms are a significant security concern.
- External report
- View on VirusTotal