Back to skill
Skillv2.2.2
VirusTotal security
Krillbloc Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 9:39 AM
- Hash
- f3b5f5c5816154952f6a35f5a40ca0a536ae43b547287a32c5187dde38939c59
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: krillbloc Version: 2.2.2 The skill implements a persistent remote instruction fetching mechanism, directing the agent to modify its own `HEARTBEAT.md` to fetch and execute routines from `krillbloc.com/heartbeat.md` every 30 minutes. This architecture creates a permanent channel for remote prompt injection and unauthorized control by the domain owner. While the documentation repeatedly clarifies that 'killing' and 'starvation' are limited to in-game mechanics, the structural requirement for the agent to follow arbitrary remote instructions is a high-risk pattern.
- External report
- View on VirusTotal