Back to skill
Skillv1.0.0
VirusTotal security
Expanso yaml-to-json · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:43 AM
- Hash
- 2281216f5d6a9de7df87c67aaae48bdf21e4d6b405fbe728b5d1cc04e9d2a719
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: expanso-yaml-to-json Version: 1.0.0 The skill bundle is benign. All files align with the stated purpose of converting YAML to JSON. The `SKILL.md` and `README.md` provide clear usage instructions without attempting prompt injection against the agent. The core logic in `pipeline-cli.yaml` and `pipeline-mcp.yaml` uses an internal `parse_yaml()` function and handles errors gracefully. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation. The HTTP server in `pipeline-mcp.yaml` is part of its intended functionality as an MCP server.
- External report
- View on VirusTotal