Skill v2.0.0

VirusTotal security

Solanaprox · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 4:21 AM
Hash
53522123f5cb3566f6322713cb134598fa6b1e6de0b4c2fcd3938a72a7cef63d
Source
palm
Verdict
suspicious
Code Insight
Type: OpenClaw Skill
Name: solanaprox
Version: 2.0.0

The skill is classified as suspicious due to several high-risk behaviors and a transparency issue.

Firstly, the `SKILL.md` instructs the agent to execute `curl` commands that directly embed the `$SOLANA_WALLET` environment variable into shell commands without apparent sanitization, creating a shell injection vulnerability (RCE risk) if the agent's execution environment doesn't properly escape inputs.

Secondly, the skill instructs the agent to run `npx solanaprox-mcp`, which allows arbitrary code execution by downloading and running an npm package, posing a significant supply chain risk.

Lastly, the 'Security Manifest' in `SKILL.md` falsely claims that `https://solanaprox.com/` is the 'only' external endpoint called, while later sections explicitly provide a `curl` command to `https://aiprox.dev`, indicating a lack of transparency.