Skill v1.3.0

VirusTotal security

Openclaw Send Skill · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 30, 2026, 4:16 AM

Hash: 8dcb850ccfebc92453fd7eab1883bee4e5e4f44e15434a2359d13b260427d247
Source: palm
Verdict: suspicious

Code Insight
Type: OpenClaw Skill
Name: ceaser-send
Version: 1.3.0

The skill is classified as suspicious due to its broad use of Bash for system commands and its reliance on `npx -y` to execute external packages. While the code and instructions appear to use these capabilities for their stated purpose (automated ETH transfers via the Ceaser protocol), the extensive use of `Bash` (`curl`, `jq`, `node`, `mv`, `chmod`) and `npx -y ceaser-mcp` introduces significant vulnerability surfaces. Specifically, `npx -y` can download and execute arbitrary code from npm, posing a supply chain risk if the `ceaser-mcp` package were compromised. Additionally, the direct manipulation of `~/.ceaser-mcp/notes.json` using complex `jq` commands, although carefully implemented, demonstrates powerful file system access that could be exploited if inputs were not properly controlled. There is no evidence of intentional malicious behavior like data exfiltration or backdoors, and sensitive data (mnemonics, ZK backup strings) are handled with explicit security warnings and passed via environment variables to local scripts (`helpers/wallet-ops.js`), which is a relatively secure practice for secrets.