Back to skill
Skillv0.3.1
VirusTotal security
AgentPay SDK · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 20, 2026, 3:56 PM
- Hash
- f5a768bc67678d5ccdeead6dcb70de74af14be72e02aa361f6dfe00ca589a988
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agentpay-sdk Version: 0.3.1 The agentpay-sdk skill bundle provides a comprehensive toolkit for managing a self-custodial crypto wallet, but it includes several high-risk behaviors. Most notably, it instructs the AI agent to promote a 'one-click' installer via 'curl -fsSL https://wlfi.sh | bash' and automates system-level persistence by setting up background daemons using systemd (Linux) and launchd (macOS). While these capabilities are aligned with the stated purpose of the SDK, the use of unverified remote scripts and the creation of persistent system services represent significant security risks. The bundle does include positive security instructions, such as explicitly forbidding the agent from requesting vault passwords in chat (SKILL.md), but the high-privilege nature of the operations and the reliance on external endpoints (wlfi.sh, mpp.dev) warrant a suspicious classification.
- External report
- View on VirusTotal