Back to skill
Skillv1.1.3
VirusTotal security
Privateclaw Plugin Setup · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:19 AM
- Hash
- 19e3a80af877bf9cde7df40275209d6e2c2b67ac695d7cc93488cc4f5b1dc7e7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: privateclaw-plugin-setup Version: 1.1.3 The skill `privateclaw-plugin-setup` (v1.1.3) provides instructions for installing and configuring the PrivateClaw encrypted chat plugin. It is classified as suspicious because `SKILL.md` explicitly mandates the use of the `--dangerously-force-unsafe-install` flag for all installation paths (e.g., `@privateclaw/privateclaw`), which bypasses OpenClaw's built-in security verification. Furthermore, the instructions encourage the agent to execute commands directly in active conversations and manage background daemons for session persistence. While these behaviors appear aligned with the tool's stated purpose, the mandatory bypass of platform security controls and the use of background processes represent significant risky capabilities without a verified trust context.
- External report
- View on VirusTotal