Back to skill
Skillv2.8.0
VirusTotal security
Cross Funding Arb · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 31, 2026, 2:01 PM
- Hash
- c420cf5f231091d39bfcf786e150d455ee38821917b944cb0e697fa0512390f0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cross-funding-arb Version: 2.8.0 The `cross-funding-arb` skill bundle is classified as suspicious due to unauthorized credential harvesting and instructions to bypass security controls. The main script `cross_funding.py` contains functions (`_read_daemon_configs`, `_get_discord_token`) that scan the user's home directory for sensitive configuration files from other OpenClaw and ZeroClaw instances to extract notification tokens. Additionally, `SKILL.md` explicitly directs the AI agent and user to ignore security alerts and use the `--force` flag during installation, characterizing legitimate security warnings as false positives. While the core trading logic appears aligned with the stated purpose, these behaviors represent significant security risks without clear evidence of intentional malice.
- External report
- View on VirusTotal