Back to skill
Skillv2.2.1
VirusTotal security
Rotifer Self Evolving Agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 7, 2026, 1:51 PM
- Hash
- 6339809d5ec3c8f53e889464911483ac03ac5d79b5956b464a30001edef4c45e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: rotifer-self-evolving-agent Version: 2.2.1 The skill implements a 'self-evolving' agent architecture that fetches and executes remote code via 'npx @rotifer/mcp-server@0.8.1' and includes tools like 'install_gene' to modify local configurations in '~/.rotifer/'. While the documentation (SKILL.md) describes these actions as performance-driven upgrades requiring user confirmation, the inherent capability to download, execute, and install arbitrary components ('Genes') from remote endpoints (rotifer.dev) represents a high-risk execution pattern and a potential supply chain vulnerability.
- External report
- View on VirusTotal