Back to skill
Skillv1.0.1
VirusTotal security
clawhub-skill-remote-agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:35 AM
- Hash
- 2d5680df243799ff6522f97616c339b7d060ea175c2d9fc2adb9619b0fe7d02b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: clawhub-skill-remote-agent Version: 1.0.1 The skill's primary purpose is to bridge to a user-defined remote agent, which involves network communication. The `scripts/client.py` file includes an `--insecure` argument that explicitly disables SSL verification (`ctx.check_hostname = False`, `ctx.verify_mode = ssl.CERT_NONE`). While this flag is opt-in and includes a warning in the code and output, it represents a risky capability that could lead to insecure data transmission if misused, making the skill suspicious rather than benign. There is no evidence of intentional malicious behavior like data exfiltration of local sensitive files or arbitrary local command execution.
- External report
- View on VirusTotal