Back to skill
Skillv1.0.2
VirusTotal security
unhuman · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:10 AM
- Hash
- 276df4bc19cdeeb206b0ca1265d8805e7893b296973a88afa2b39e1b62072ee9
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: unhuman Version: 1.0.2 The skill bundle describes a legitimate domain management tool that interacts with unhuman.domains and supports Bitcoin payments via an agent-wallet. It uses standard npm package installation and explicitly warns the AI agent to confirm with the user before initiating financial transactions using the `--wallet` flag. While the skill involves managing sensitive data (domain management tokens, wallet keys) stored locally, there is no evidence of intentional data exfiltration, malicious execution, persistence mechanisms, or deceptive prompt injection against the agent. Potential shell injection via the `dns set` command is a vulnerability in how an agent might construct arguments, not an indicator of malicious intent within the skill definition itself.
- External report
- View on VirusTotal