Back to skill
Skillv1.0.2
VirusTotal security
Bitcoin and Tether on Arkade · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:33 AM
- Hash
- 61e9fa72b7495a86e98f47b3f2b21dbe1e019cebd49ea7dcce44370c37fa66df
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: arkade-wallet Version: 1.0.2 The OpenClaw AgentSkills skill bundle for 'arkade-wallet' appears benign. It provides legitimate cryptocurrency wallet functionalities (Bitcoin, Lightning, stablecoin swaps) and handles private keys securely by generating them locally and storing them with restrictive file permissions in `~/.arkade-wallet/config.json` (0o600). Network communications are directed to expected endpoints (`arkade.computer`, `apilendaswap.lendasat.com`, `api.ark.boltz.exchange`) for its stated purpose. There is no evidence of intentional data exfiltration, unauthorized command execution, persistence mechanisms, or malicious prompt injection attempts in `SKILL.md` or `README.md`. A minor inconsistency in `README.md` regarding `arkade init <private-key-hex>` is a documentation error, not a security vulnerability or malicious instruction, as the `cli/arkade.mjs` implementation auto-generates keys and does not accept a private key as an argument for `init`.
- External report
- View on VirusTotal