Back to skill
Skillv1.0.0
VirusTotal security
Gekko Yield · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:18 AM
- Hash
- 41827654439a11cf9b7b810bf7b9d3ec105ed9f44c1e6387085f268bcd39c29f
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: gekko-yield Version: 1.0.0 The OpenClaw AgentSkills skill bundle for 'gekko-yield' is classified as benign. The code and documentation clearly outline its purpose: to manage USDC deposits, withdrawals, and auto-compounding on the Moonwell Flagship USDC vault on Base. Private keys are securely handled by being read from environment variables and explicitly stated as never being logged or written to disk. All blockchain interactions (deposits, withdrawals, approvals, swaps via Odos) are within the stated purpose, involve legitimate DeFi protocols and data providers (Morpho API, CoinGecko), and include transaction previews and simulations. There is no evidence of data exfiltration beyond necessary blockchain interactions, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent to subvert its intended function. Configuration and logs are stored in standard user-level directories (`~/.config/gekko-yield`).
- External report
- View on VirusTotal