Back to skill
Skillv1.0.0
VirusTotal security
Gateway Monitor Installer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 7:46 AM
- Hash
- 0f5e28dadf934a26d8ba265c0a8127f95a961399ed6992b836b8e973fb97864b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gateway-monitor-installer Version: 1.0.0 The bundle installs persistent macOS LaunchAgents and a Node.js monitoring server that reads sensitive credentials from 'auth-profiles.json' to query the MiniMax API (minimaxi.com). A significant security vulnerability exists in 'gateway-monitor-server.js' where the '/api/restore-config' endpoint performs a state-changing filesystem operation (overwriting the main configuration with a backup) via a simple GET request. While these capabilities are aligned with the stated purpose of gateway monitoring and self-healing, the combination of persistence, credential access, and insecure API design warrants a suspicious classification.
- External report
- View on VirusTotal