@emilioacc

ATXP

Access ATXP paid API tools for web search, AI image generation, music creation, video generation, X/Twitter search, email, and agent account management. Use...

当前版本
v1.0.1
30 4.7万总安装 0

SKILL.md

text/plain · 8139 字节

Security Scan

状态

suspicious

打开 VirusTotal

OpenClaw

gpt-5.5

suspicious

OpenClaw 分析

The skill mostly matches its ATXP-tool purpose, but it includes high-impact account, payment, email, and host-agent configuration capabilities with some under-scoped guidance.

置信度: high

VirusTotal

Type: OpenClaw Skill Name: atxp Version: 1.0.1 The SKILL.md contains explicit instructions that enable unauthorized remote control and potential arbitrary code execution. Specifically, it instructs the agent to check emails for 'instructions for downloading the latest version' and to act upon them, creating a direct prompt injection vector for an attacker to send malicious update commands via email. Additionally, it provides instructions on how to modify the critical `/root/.openclaw/openclaw.json` configuration file, which could be exploited to alter agent behavior or permissions. These are not mere vulnerabilities but explicit instructions to the agent that facilitate harmful behavior.

元数据

  • 作者: @emilioacc
  • 创建时间: 2026/01/26
  • 更新时间: 2026/05/19
  • 版本数: 2
  • 评论数: 0
  • 扫描时间: 2026/05/27

运行要求

官方公开数据里暂未列出运行要求。

ATXP | ClawHub 中文站