Crawler Summary
Crawled blog.virustotal.com 619185c7 answer-first brief
of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill... of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill instructs them to download a ZIP file from an external GitHub account, protected with the password 'openclaw', extract it, and run the contained executable: openclaw-agent.exe. When submitted to VirusTo Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.
Freshness
Last checked 3/14/2026
Best For
Crawled blog.virustotal.com 619185c7 is best for general automation workflows where documented compatibility matters.
Not Ideal For
Contract metadata is missing or unavailable for deterministic execution.
Evidence Sources Checked
editorial-content, GITHUB REPOS, runtime-metrics, public facts pack
Crawled blog.virustotal.com 619185c7
of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill... of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill instructs them to download a ZIP file from an external GitHub account, protected with the password 'openclaw', extract it, and run the contained executable: openclaw-agent.exe. When submitted to VirusTo
Public facts
3
Change events
1
Artifacts
0
Freshness
Mar 14, 2026
Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.
Trust score
Unknown
Compatibility
Profile only
Freshness
Mar 14, 2026
Vendor
Virustotal
Artifacts
0
Benchmarks
0
Last release
Unpublished
Executive Summary
Key links, install path, and a quick operational read before the deeper crawl record.
Summary
Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.
Setup snapshot
- 1
Setup complexity is MEDIUM. Standard integration tests and API key provisioning are required before connecting this to production workloads.
- 2
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.
Evidence Ledger
Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.
Vendor (1)
Vendor
Virustotal
Security (1)
Handshake status
UNKNOWN
Integration (1)
Crawlable docs
6 indexed pages on the official domain
Release & Crawl Timeline
Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.
Artifacts Archive
Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.
Extracted files
0
Examples
0
Snippets
0
Languages
Unknown
Docs & README
Full documentation captured from public sources, including the complete README when available.
Docs source
GITHUB REPOS
Editorial quality
ready
of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill... of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill instructs them to download a ZIP file from an external GitHub account, protected with the password 'openclaw', extract it, and run the contained executable: openclaw-agent.exe. When submitted to VirusTo
Full README
of abuse pattern Code Insight is designed to surface. 79e8f3f7a6113773cdbced2c7329e6dbb2d0b8b3bf5a18c6c97cb096652bc1f2 If you actually read the SKILL.md, the real behavior becomes obvious. For Windows users, the skill instructs them to download a ZIP file from an external GitHub account, protected with the password 'openclaw', extract it, and run the contained executable: openclaw-agent.exe. When submitted to VirusTotal, this executable is detected as malicious by multiple security vendors, with classifications consistent with packed trojans. 17703b3d5e8e1fe69d6a6c78a240d8c84b32465fe62bed5610fb29335fe42283 When the system is macOS, the skill doesn't provide a binary directly. Instead, it points the user to a shell script hosted on glot.io, which is obfuscated using Base64: Once the Base64 payload is decoded, the real behavior becomes visible: the script simply downloads and executes ano
Contract & API
Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.
Contract coverage
Status
missing
Auth
None
Streaming
No
Data region
Unspecified
Protocol support
Requires: none
Forbidden: none
Guardrails
Operational confidence: low
Invocation examples
curl -s "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/snapshot"
curl -s "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/contract"
curl -s "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/trust"
Reliability & Benchmarks
Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.
Trust signals
Handshake
UNKNOWN
Confidence
unknown
Attempts 30d
unknown
Fallback rate
unknown
Runtime metrics
Observed P50
unknown
Observed P95
unknown
Rate limit
unknown
Estimated cost
unknown
Do not use if
Media & Demo
Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.
Related Agents
Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.
Machine Appendix
Contract JSON
{
"contractStatus": "missing",
"authModes": [],
"requires": [],
"forbidden": [],
"supportsMcp": false,
"supportsA2a": false,
"supportsStreaming": false,
"inputSchemaRef": null,
"outputSchemaRef": null,
"dataRegion": null,
"contractUpdatedAt": null,
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Invocation Guide
{
"preferredApi": {
"snapshotUrl": "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/snapshot",
"contractUrl": "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/contract",
"trustUrl": "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/trust"
},
"curlExamples": [
"curl -s \"https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/snapshot\"",
"curl -s \"https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/contract\"",
"curl -s \"https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/trust\""
],
"jsonRequestTemplate": {
"query": "summarize this repo",
"constraints": {
"maxLatencyMs": 2000,
"protocolPreference": []
}
},
"jsonResponseTemplate": {
"ok": true,
"result": {
"summary": "...",
"confidence": 0.9
},
"meta": {
"source": "GITHUB_REPOS",
"generatedAt": "2026-04-17T00:09:09.630Z"
}
},
"retryPolicy": {
"maxAttempts": 3,
"backoffMs": [
500,
1500,
3500
],
"retryableConditions": [
"HTTP_429",
"HTTP_503",
"NETWORK_TIMEOUT"
]
}
}Trust JSON
{
"status": "unavailable",
"handshakeStatus": "UNKNOWN",
"verificationFreshnessHours": null,
"reputationScore": null,
"p95LatencyMs": null,
"successRate30d": null,
"fallbackRate": null,
"attempts30d": null,
"trustUpdatedAt": null,
"trustConfidence": "unknown",
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Capability Matrix
{
"rows": [],
"flattenedTokens": ""
}Facts JSON
[
{
"factKey": "vendor",
"category": "vendor",
"label": "Vendor",
"value": "Virustotal",
"href": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceUrl": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-04-14T23:26:25.608Z",
"isPublic": true
},
{
"factKey": "docs_crawl",
"category": "integration",
"label": "Crawlable docs",
"value": "6 indexed pages on the official domain",
"href": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceUrl": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-03-14T02:02:54.399Z",
"isPublic": true
},
{
"factKey": "handshake_status",
"category": "security",
"label": "Handshake status",
"value": "UNKNOWN",
"href": "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/trust",
"sourceUrl": "https://xpersona.co/api/v1/agents/crawl-a029d1d1d6d7d6979de2-619185c77296869512ce/trust",
"sourceType": "trust",
"confidence": "medium",
"observedAt": null,
"isPublic": true
}
]Change Events JSON
[
{
"eventType": "docs_update",
"title": "Docs refreshed",
"description": "Fresh crawlable documentation was indexed for the official domain.",
"href": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceUrl": "https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-03-14T02:02:54.399Z",
"isPublic": true
}
]