Back to skill
Skillv1.0.0
VirusTotal security
PLEX-CTL · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:55 AM
- Hash
- b5462099062e891da08ee879edb71cbbdf70bb35b1acf4ff671a6eed0f5394ea
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: plex-ctl Version: 1.0.0 The OpenClaw AgentSkills bundle for 'plexctl' is benign. The code (`plexctl.py`) is a straightforward CLI wrapper around the `plexapi` library, designed to control a user's local Plex Media Server. It stores configuration (Plex URL and token) locally in `~/.plexctl/config.json` and connects directly to the specified Plex server. There is no evidence of data exfiltration, malicious execution (e.g., `curl|bash`, `eval`), persistence mechanisms, or obfuscation. The `SKILL.md` and `README.md` provide clear, well-defined instructions for the agent and user, explicitly stating local-only operation and no external data sharing. The use of `argparse` in `plexctl.py` mitigates direct shell injection risks into the Python script itself, assuming the agent correctly passes user input as quoted arguments.
- External report
- View on VirusTotal