Back to skill
Skillv1.0.0
VirusTotal security
Meme Signal Scanner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:14 AM
- Hash
- f56ca82156aad9b24361e1b128ae1889f54c3237a8640a2f1b3e1a7379e619f0
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: meme-signal Version: 1.0.0 The skill is classified as suspicious due to the instruction to "Report strong signals to creator" in SKILL.md. While the data being reported (processed public cryptocurrency market data) is not sensitive user information, the destination of this report is ambiguous. Combined with the `ownerId` in `_meta.json` and the 'Powered by Lobster Signal API' branding, this instruction could imply exfiltration of operational data to an external, developer-controlled endpoint, which is a risky capability without explicit user consent beyond skill installation. There is no clear evidence of malicious intent such as stealing sensitive user data or system compromise, but the potential for unauthorized data transmission of operational results makes it suspicious.
- External report
- View on VirusTotal