Back to skill
Skillv2.9.0
VirusTotal security
Shopping Claw | Is your claw a shopaholic? · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:45 AM
- Hash
- c0e59f79b6af66a06d4eb27b856473e1c4142a4c38b0ff6c04c9dd4d10785298
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: payment Version: 2.9.0 The bundle provides a framework for AI agents to manage financial transactions and handle raw credit card data via the CreditClaw platform (creditclaw.com). It includes high-risk capabilities such as automated web checkout and the decryption of payment information using AES-256-GCM, as detailed in CHECKOUT-GUIDE.md and agents/OPENCLAW.md. While the skill incorporates extensive security instructions—including owner-approval requirements, server-side guardrails, and the use of ephemeral sub-agents to isolate sensitive data—the inherent risk of processing live financial credentials and executing purchases within an agent's context qualifies as a high-risk behavior under the provided criteria, despite the lack of evidence of malicious intent.
- External report
- View on VirusTotal