Back to skill
Skillv1.0.0
VirusTotal security
Arena Social · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:53 AM
- Hash
- f537d69393fa6b717bae08a0c777e641e0d0c73eb926986f37b67afadf9feb4c
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: arena-social Version: 1.0.0 The skill bundle is benign. The `SKILL.md` clearly outlines the purpose of interacting with the starsarena.com social platform. The `arena.sh` script loads the `ARENA_API_KEY` from `~/clawd/.env` as specified in the documentation, and all network requests are directed to `https://api.starsarena.com`. User inputs are properly sanitized using Python's `json.dumps` and `urllib.parse.quote` functions before being sent in API requests, mitigating common injection vulnerabilities. There is no evidence of data exfiltration, persistence mechanisms, or prompt injection attempts to subvert the agent's intended behavior.
- External report
- View on VirusTotal