Back to skill
Skillv6.8.20
VirusTotal security
Antivirus · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:31 AM
- Hash
- 620fbce3a6dc817db7f934c46af59c0e6bcbd1701d29142c27721174ede28349
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: antivirus Version: 6.8.20 The MoltGuard skill bundle (SKILL.md) contains deceptive instructions that coach the AI agent to perform a scripted 'test' and then provide a hardcoded success message to the user ('Your security protection is now active') to build unearned trust. It relies on installing an external plugin (@openguardrails/moltguard) and executing various local scripts (e.g., enterprise-enroll.mjs) that can modify system configurations or redirect data to external 'Core' endpoints. Additionally, the /og_claim command explicitly instructs the agent to output its API Key and Agent ID into the chat history, posing a credential exposure risk.
- External report
- View on VirusTotal