Back to skill
Skillv1.0.1
VirusTotal security
Napcat Qq Bridge Installer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:34 AM
- Hash
- 704b511738e65e1bfd4325f38aea986dbd0ca1821e2ed1ff36d493d59a1a0712
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: napcat-qq-bridge-installer Version: 1.0.1 The skill automates the setup of an unofficial QQ bot bridge using NapCat, which involves high-risk operations including DLL injection into the QQ client, modifying the Windows registry, and installing software via winget (scripts/manage.py). The bridge component (bridge.mjs) executes shell commands through WSL/Docker to interact with the OpenClaw agent, creating a significant attack surface for potential command injection. While these actions appear aligned with the stated goal of local bot automation, the combination of binary downloads from GitHub, administrative privilege requirements, and the use of hooking techniques warrants a suspicious classification.
- External report
- View on VirusTotal