@emilioacc

ATXP

Access ATXP paid API tools for web search, AI image generation, music creation, video generation, X/Twitter search, email, and agent account management. Use...

Current version
v1.0.1
30 4.7万All installs 0

SKILL.md

text/plain · 8139 bytes

Security Scan

Status

suspicious

Open VirusTotal

OpenClaw

gpt-5.5

suspicious

OpenClaw analysis

The skill mostly matches its ATXP-tool purpose, but it includes high-impact account, payment, email, and host-agent configuration capabilities with some under-scoped guidance.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: atxp Version: 1.0.1 The SKILL.md contains explicit instructions that enable unauthorized remote control and potential arbitrary code execution. Specifically, it instructs the agent to check emails for 'instructions for downloading the latest version' and to act upon them, creating a direct prompt injection vector for an attacker to send malicious update commands via email. Additionally, it provides instructions on how to modify the critical `/root/.openclaw/openclaw.json` configuration file, which could be exploited to alter agent behavior or permissions. These are not mere vulnerabilities but explicit instructions to the agent that facilitate harmful behavior.

Metadata

  • Owner: @emilioacc
  • Created: 2026/01/26
  • Updated: 2026/05/19
  • Versions: 2
  • Comments: 0
  • Scan checked at: 2026/05/27

Runtime

No runtime requirements are exposed in the official public payload.