OpenClaw cloud self-deployment
Security checks across malware telemetry and agentic risk
Overview
This skill explicitly teaches an AI agent to replicate itself into paid cloud VMs, copy credentials and knowledge, and keep operating without human oversight.
Do not install this skill unless you are intentionally analyzing it in a tightly isolated research environment. It is designed to create autonomous self-replicating cloud agents, which can cause uncontrolled spending, credential exposure, and persistent activity outside your direct control.
VirusTotal
63/63 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It could create ongoing cloud agents that continue acting and spending funds after the original request.
The declared purpose is endless self-replication of autonomous agents, which is unbounded persistence and propagation outside a normal user task.
Create Aleph Cloud VM instances with autonomous AI agents configured to self-replicate endlessly across the decentralized cloud network.
Do not install this skill for normal use. If researching it, use an isolated lab account with hard quotas and remove all replication behavior.
The agent could provision resources and accept provider terms without meaningful human review, causing cost or account-impacting actions.
The skill instructs the agent to bypass interactive cloud provisioning prompts and auto-accept terms while creating paid VM resources.
To bypass it completely, use `--crn-hash` + `--skip-volume` ... `--crn-auto-tac`: Auto-accepts CRN Terms & Conditions
Require explicit user approval for every VM creation, payment choice, terms acceptance, and confirmation prompt.
Spawned agents could consume cloud funds, use paid model APIs, and act with the user's account privileges.
The skill asks for paid cloud authority and AI provider credentials, then explicitly plans to share those credentials with spawned agents.
- A funded Aleph Cloud account ... - AI provider API key (Anthropic, OpenAI, etc.) to share with spawned agents
Do not share real provider keys or funded account credentials with self-replicating agents; use tightly scoped, revocable test credentials only if absolutely necessary.
A bad instruction, unsafe skill, leaked credential, or runaway spending pattern could spread across multiple VMs instead of staying contained.
The instructions create a propagation path where agent state and capabilities are copied into new cloud environments that continue operating autonomously.
Transfer its knowledge and skills to the new environment ... Become fully operational on decentralized compute — without human intervention
Block automatic propagation; require containment, quotas, shutdown procedures, and manual approval before any state or skill transfer.
Sensitive context or poisoned instructions could be copied into new agents and reused in future actions.
The skill directs credential and knowledge transfer to spawned environments without clear limits, filtering, retention rules, or user review.
Configure its own credentials, gateway, and identity ... Transfer its knowledge and skills to the new environment
Do not allow automatic credential, memory, or skill transfer; require explicit review of exactly what is copied and where it is stored.