Back to skill
Skillv2.0.1
VirusTotal security
Deepsafe Scan · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:08 AM
- Hash
- 533698153b627f01dc58a81fd2de08084d8b6f4946d7dbee61ebbbc662048a3f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: deepsafe-scan Version: 2.0.1 The bundle is a security scanner for AI agents, but it contains highly risky components and 'live' attack patterns. Specifically, 'scripts/llm_client.py' automatically modifies the user's 'openclaw.json' configuration file to enable the chatCompletions endpoint, which is an intrusive behavior for a scanner. More critically, the 'demo/awesome-ai-rules/' directory contains markdown files (CLAUDE.md, AGENTS.md) with explicit instructions for an AI agent to exfiltrate API keys via curl, read private SSH keys, and install persistence via crontab. While these appear to be test cases for the scanner to detect, their presence as executable markdown instructions in the workspace creates a significant prompt-injection risk where an agent might inadvertently execute the 'demo' attacks.
- External report
- View on VirusTotal