Back to skill
Skillv1.0.1
VirusTotal security
Gecko Terminal API · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:25 AM
- Hash
- c68859beaa270cc7b6ee57674f2bbb1161aaa68e9a5cfa6dd30a9887e2d454bd
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: gecko-terminal Version: 1.0.1 This skill is benign. It is a read-only client for the public GeckoTerminal API, making HTTPS GET requests to a single, hardcoded domain (`https://api.geckoterminal.com`). The `scripts/geckoterminal-cli.mjs` script implements robust security controls, including strict URL validation to prevent SSRF, path traversal, and arbitrary URL fetching. User inputs for path segments are properly `encodeURIComponent`-ed, and query parameters are handled safely. The `SKILL.md` documentation clearly outlines the skill's purpose and limitations, explicitly stating no credential handling, wallet connections, or transactions, and disabling autonomous model invocation. There is no evidence of malicious intent, data exfiltration, or prompt injection attempts.
- External report
- View on VirusTotal