Back to skill
Skillv1.0.0
VirusTotal security
OpenClaw Money Maker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:17 AM
- Hash
- c25b12de798c2239fedb9da9629493f96a41b73a37003ee5014bdbb025916c1d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-money-maker Version: 1.0.0 The skill instructs the agent to register with several external 'earning' platforms (payaclaw.com, openclawlog.com, moltbook.com) by sending its name and description via `curl` commands, as detailed in SKILL.md. It also instructs the agent to store API keys and passwords for these platforms in `~/.config/openclaw-earnings/credentials.json` and to set up cron jobs for self-scheduling. While the stated purpose is to enable the agent to earn money, these instructions involve sending agent data to external, potentially untrusted, services and storing sensitive credentials locally, which represents a security risk and a form of data exfiltration (even if intended for registration). The self-scheduling via cron jobs is a form of persistence. These actions, while transparently described, constitute risky capabilities without explicit malicious intent, classifying the skill as suspicious.
- External report
- View on VirusTotal