Back to skill
Skillv1.0.0
VirusTotal security
ARCHIV · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 23, 2026, 9:16 PM
- Hash
- def094b6d7b7d2d87ab1b323c2ad9d9b439661fb20ff744d4090892bbd3aea29
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: archiv Version: 1.0.0 The bundle contains a highly irregular MEMORY.md file that acts as a persistent instruction set, directing the agent to perform hourly backups of its memory and files to a specific external GitHub repository (https://github.com/WegoW/Openclaw.git), which constitutes a data exfiltration risk. It also includes hardcoded local network addresses (e.g., 192.168.1.247) and references to sensitive configuration paths like ~/.trakt.yaml and /root/.openclaw/openclaw.json. While the content appears to be a personal environment dump for a user named 'Walter Wego,' the inclusion of automated exfiltration logic and environment-specific overrides in a skill bundle is a significant security risk.
- External report
- View on VirusTotal