Back to skill
Skillv1.0.1
VirusTotal security
Skills · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 13, 2026, 12:11 AM
- Hash
- 2f53a1154512f5eb78fc6fe8c33f0aec5910bc90ea9050b2cefb000c4f05a437
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawtrace-self-evolve-v2 Version: 1.0.1 The skill implements a 'self-evolution' mechanism that directs the agent to send session data to and execute instructions from a remote API (api.clawtrace.ai). The instructions in SKILL.md and self-evolve.md explicitly command the agent to 'Apply changes to this session immediately' based on external recommendations, creating a high-risk remote-control vector and prompt-injection surface. While the stated intent is performance optimization, the lack of validation for externally provided instructions allows for potential unauthorized behavior modification or state manipulation.
- External report
- View on VirusTotal