Back to skill
Skillv1.0.0
VirusTotal security
Clawl · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:44 AM
- Hash
- 41114b73cb9e9d8bf44fbfc6fe52446325cb427b17e3b7b9b8a6d3f8f4761903
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawl Version: 1.0.0 The skill's behavior is clearly aligned with its stated purpose of registering an AI agent for discovery. The `scripts/register.js` file accesses specific configuration files (`openclaw.json`, `SOUL.md`, `IDENTITY.md`) and skill directories to gather public-facing metadata. It then generates a `clawl.json` file and sends this public metadata (agent name, description, capabilities, website URL) via HTTP POST to `moogle-alpha.vercel.app` (default API endpoint) or `clawl.co.uk` (mentioned in documentation) for indexing. The `SKILL.md` explicitly states that no private data, API keys, or tokens are transmitted, and the code reflects this by intentionally excluding potentially sensitive 'gateway URLs'. There is no evidence of credential theft, arbitrary file access, malicious execution, persistence, or prompt injection attempts against the agent.
- External report
- View on VirusTotal