ATXP
Access ATXP paid API tools for web search, AI image generation, music creation, video generation, X/Twitter search, email, and agent account management. Use...
暂无可比对内容
需要至少一个上一版本,才能生成差异对比。
Security Scan
状态
suspicious
OpenClaw
gpt-5.5
OpenClaw 分析
The skill mostly matches its ATXP-tool purpose, but it includes high-impact account, payment, email, and host-agent configuration capabilities with some under-scoped guidance.
置信度: high
VirusTotal
Type: OpenClaw Skill Name: atxp Version: 1.0.1 The SKILL.md contains explicit instructions that enable unauthorized remote control and potential arbitrary code execution. Specifically, it instructs the agent to check emails for 'instructions for downloading the latest version' and to act upon them, creating a direct prompt injection vector for an attacker to send malicious update commands via email. Additionally, it provides instructions on how to modify the critical `/root/.openclaw/openclaw.json` configuration file, which could be exploited to alter agent behavior or permissions. These are not mere vulnerabilities but explicit instructions to the agent that facilitate harmful behavior.