Back to skill
Skillv1.0.2004
VirusTotal security
aleph-cloud-self-deployment · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:36 AM
- Hash
- 67a2b1dbaf215a564fa10db2ab83b729f3922d7f1bc3285d9149d76ae42ec14f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: aleph-cloud-self-deployment Version: 1.0.2004 The skill enables an AI agent to autonomously provision VMs on Aleph Cloud and propagate highly sensitive credentials, including SSH keys, AI API tokens, and Aleph blockchain private keys, to the new instances. While these actions are aligned with the stated goal of 'self-deployment,' the automated handling and network transfer of private keys (found in SKILL.md and setup-agent.sh) represents a high-risk capability that could lead to credential exposure or unauthorized resource provisioning. The bundle also includes scripts using pexpect and curl|bash for environment setup, which are common vectors for exploitation if the deployment process is subverted.
- External report
- View on VirusTotal