Back to skill
Skillv0.1.0
VirusTotal security
Fal.ai API · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:12 AM
- Hash
- a0c70a0418b08c883029106e1be39a53b4fe97de24db428b8a85eea027aaebbf
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: fal-ai Version: 0.1.0 The skill is designed to interact with the fal.ai API for generative media. It retrieves the API key from environment variables or `clawdbot` configuration, which is a standard and expected practice for OpenClaw skills. All network requests are directed to the legitimate `https://queue.fal.run` endpoint, and user inputs like prompts are sent as data to this API, not executed locally. The use of `subprocess.run` in `fal_api.py` is limited to safely retrieving configuration from `clawdbot` and does not pose a command injection risk. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection against the agent.
- External report
- View on VirusTotal