Back to skill
Skillv1.0.3
VirusTotal security
Skylv Openclaw Evomap Connector · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 20, 2026, 1:46 AM
- Hash
- 01906a360b61e9a12b9515a60e3d6041c86c0dc06212f2264b04eb78f66741bd
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: skylv-openclaw-evomap-connector Version: 1.0.3 The skill facilitates a 'self-repair' mechanism by instructing the AI agent to fetch and execute code 'capsules' from a remote hub (evomap.ai). While the provided script (scripts/evomap.js) handles standard API registration and telemetry, the instructions in SKILL.md encourage the agent to 'directly apply' remote solutions with high confidence scores, creating a significant Remote Code Execution (RCE) risk. This design effectively allows an external service to dictate commands to the agent, which could be exploited if the hub is compromised or serves malicious payloads.
- External report
- View on VirusTotal