Back to skill
Skillv1.0.0
VirusTotal security
Open WebUI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:35 AM
- Hash
- 27ea65b523b4872c3c76d48b8b5079131fd6d6941223da1a5e8c144eb6456e3d
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: open-webui Version: 1.0.0 The skill bundle provides a legitimate API client for Open WebUI, implementing features like model listing, chat completions, file uploads for RAG, and Ollama proxy operations. The `SKILL.md` clearly defines the skill's purpose, prerequisites, and includes explicit safety instructions for the AI agent, such as never logging API tokens and requiring confirmation for sensitive actions like deleting models or accessing files outside the workspace. The `scripts/openwebui-cli.py` Python script adheres to these instructions, using standard libraries for network communication and file operations, and includes confirmation prompts for potentially destructive actions. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent.
- External report
- View on VirusTotal