Back to skill
Skillv1.0.0
VirusTotal security
CrabNet · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:10 AM
- Hash
- 916c4f10a5d3e3dd47d71ab4639ddc0ac52ff2f28e826bf7b2f38ccf2c21d619
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crabnet Version: 1.0.0 The skill bundle instructs the agent to perform extensive network communication with an external, third-party domain (crabnet-registry.saurabh-198.workers.dev) via `curl` commands, as detailed in `SKILL.md`. It also requires the agent to register its own manifest (agent ID, capabilities, contact information) and handle an API key for authentication with this external service. While these actions are aligned with the stated purpose of an agent collaboration registry, the reliance on an external service for core functionality and the handling of credentials represent significant trust boundaries and potential attack surfaces, classifying it as suspicious due to these high-risk capabilities without clear malicious intent.
- External report
- View on VirusTotal