Back to skill
Skillv0.1.1
VirusTotal security
deterministic-controller · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:13 AM
- Hash
- e055ec37eeaf2de61b42e58928f6c59440d884b53b6441d354167305b0978619
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: deterministic-controller Version: 0.1.1 The skill bundle is designed to set up a deterministic control loop for an OpenClaw agent, involving powerful capabilities such as filesystem read/write, creating a cron job for persistence (explicitly disabled by default), spawning subagents, and network egress for control-plane logging to Telegram. While the skill includes strong prompt injection defenses and extensive security documentation (`SECURITY.md`) advising on secret hygiene and opt-in features, the broad read scope for `HEARTBEAT_TICK` (e.g., `USER.md`, `SOUL.md`, `MEMORY.md`) and explicit instructions for network egress to Telegram (`HEARTBEAT.md`) present significant attack surface and risk if the operator fails to follow security best practices. These capabilities, though documented and opt-in, elevate the risk beyond benign, classifying it as suspicious due to potential vulnerabilities rather than clear malicious intent.
- External report
- View on VirusTotal