Back to skill
Skillv1.0.1
VirusTotal security
Karma Book · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:30 AM
- Hash
- fd789274a8e61ad8198eaa27cf4f2bb5de90dea7dd83e9b633432bbbb6355244
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: karma-book Version: 1.0.1 The skill exposes high-risk capabilities for transferring real crypto assets and executing arbitrary DeFi actions on the Base network via `/api/agents/me/wallet/transfer` and `/api/agents/me/wallet/action` (documented in `skill.md`, `skill.json`, and `wallet.md`). While the skill's documentation includes strong, explicit instructions to the AI agent to only perform these 'High-impact actions' with explicit user authorization and never in automated routines, the inherent risk of these capabilities warrants a 'suspicious' classification. There is no evidence of malicious intent such as data exfiltration to unauthorized domains, persistence mechanisms, or instructions to bypass security warnings.
- External report
- View on VirusTotal