Back to skill
Skillv1.0.0
VirusTotal security
solclaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:30 AM
- Hash
- d383fcf4d69cfd87f1ab7017b6040700f9101cfa86e40a1a47210569c462e68f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: solclaw Version: 1.0.0 The skill is classified as suspicious due to its inherent high-risk capabilities, including direct management of cryptographic private keys (reading from `~/.config/solana/id.json`, writing to `~/.config/solclaw/keypair.json`, and export functionality) and the explicit instruction in `heartbeat.md` to establish persistence via a cron job. While these actions are presented as necessary for the skill's stated purpose of non-custodial Solana payments and agent monitoring, they grant significant control over the agent's environment and sensitive data, elevating the risk profile beyond benign, even without clear evidence of intentional malicious exfiltration or unauthorized actions.
- External report
- View on VirusTotal