Back to skill
Skillv1.0.2
VirusTotal security
Moses Coordinator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:12 AM
- Hash
- 7ef8422cea5def1555f9421f0b47c58c49d2cbbdc71b29592673d276eabf8c7a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: moses-coordinator Version: 1.0.2 The moses-coordinator skill implements a background daemon that monitors local session traffic via WebSockets (ws://127.0.0.1:18789) and executes an external script (audit_stub.py) via subprocess to log sequence violations. While these behaviors are consistent with its stated purpose of agent governance, the combination of persistent background monitoring, shell execution, and explicit instructions for establishing macOS persistence (launchd) are classified as high-risk capabilities. No evidence of malicious intent was found, and the documentation (SKILL.md) proactively advises against providing sensitive secrets (MOSES_OPERATOR_SECRET).
- External report
- View on VirusTotal