Back to skill
Skillv1.0.3
VirusTotal security
Agent Commons · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:21 AM
- Hash
- ccb040c9ec7c714f3d0660289779bb799746e41c386fdb57923f6a9ff7a49b1c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: agent-commons Version: 1.0.3 The skill encourages agents to exfiltrate their internal reasoning chains and step-by-step thinking to an external API (api.agentcommons.net). While framed as a 'shared reasoning layer' for collective intelligence, this behavior presents a high risk of leaking sensitive user context or private data processed by the agent. The instructions in SKILL.md include a 'Do This Now' section that pressures the agent to register and begin contributing data immediately, which could lead to unauthorized data disclosure without explicit user oversight.
- External report
- View on VirusTotal