Back to skill
Skillv1.0.0
VirusTotal security
Base 8004 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:23 AM
- Hash
- 21e82d065065e1ea8a22d00864571abf90622b1ed2694261179bb01419d112c4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: base-8004 Version: 1.0.0 The skill is classified as suspicious due to the instruction to `console.log("Private key:", privateKey)` in `SKILL.md`. While the overall intent is to guide the agent through legitimate ERC-8004 registration and includes advice on secure handling (saving to .env, adding to .gitignore, never leaking), the direct logging of a newly generated private key to the console presents a significant risk of exposure. An AI agent's execution environment or logging infrastructure could inadvertently capture and expose this sensitive credential, even if the subsequent instructions aim for secure storage. This constitutes a risky capability without clear malicious intent.
- External report
- View on VirusTotal