Skill v1.0.2
VirusTotal security
Tokenbroker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Suspicious · Apr 28, 2026, 3:29 AM
- Hash: 15e44ea10fad1acc42c003fb6297ea7547199513942a899bf826eee3ff20662f
- Source: palm
- Verdict: suspicious
- Code Insight:
  - Type: OpenClaw Skill
  - Name: tokenbroker
  - Version: 1.0.2
  - The skill bundle is suspicious due to significant prompt injection and content injection vulnerabilities. It processes untrusted input from GitHub repositories (e.g., `README.md`, `package.json` as per `PROJECT-SCAN.md` and `GITHUB.md`) and uses this data directly in critical operations. This includes making API calls to external endpoints (e.g., `https://api.nadapp.net` in `src/generators/nadfun.ts`) with potentially malicious SVG image data or metadata, and, more critically, passing this untrusted data as arguments to `invokeSkill` calls to other AI agents (e.g., `nadfun`, `AuditAgent`, `SocialWhisperer` as seen in `GITHUB.md`, `LAUNCH.md`, `METADATA.md`, `PROMO.md`). This design allows a malicious actor to craft a GitHub repository containing prompt injection payloads, potentially manipulating the agent's behavior or other skills, or injecting malicious content into external services or public social media posts.
