ClawHub

VirusTotal Hash Analyzer

v1.0.2

Instantly check if a file, URL, domain, or IP is malicious using VirusTotal. Paste any MD5/SHA1/SHA256 hash, URL, domain name, or IP address into the chat an...

0· 327·0 current·0 all-time
by@bryan-project
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description ask to query VirusTotal for hashes/URLs/domains/IPs and the only required secret is VT_API_KEY. The included Python script and SKILL.md implement exactly those queries; no unrelated services, binaries, or credentials are requested.
Instruction Scope
Runtime instructions describe auto-detection of IOC types and invoking the local script. The only file-system access shown is locating the skill directory under /root/.openclaw to run the bundled script. The script supports reading IOCs from stdin or a user-specified file (normal for batch lookups) but the instructions do not direct reading arbitrary system files or other credentials.
Install Mechanism
No install spec; this is instruction + bundled script only. No downloads, package manager installs, or archive extraction are performed by the skill, minimizing install-time risk.
Credentials
Only VT_API_KEY is required, which is proportional to querying the VirusTotal API. The code reads that single env var and does not reference additional secrets or unrelated environment variables.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges. It does not modify other skills or system-wide configuration.
Assessment
This skill appears to do what it says: it calls VirusTotal v3 endpoints using the VT_API_KEY you provide and returns JSON reports for hashes/URLs/domains/IPs. Consider the following before installing/using: (1) Any IOC you submit is sent to VirusTotal and may be logged/shared per their policy — do not submit sensitive secrets or private data you cannot disclose. (2) Provide an API key with appropriate rate/quota limits; do not use broader credentials than needed. (3) The script can read IOCs from a file when you pass --file: only supply files you intend to query (don’t point it at arbitrary system files). (4) The SKILL.md command looks for the skill under /root/.openclaw — ensure the skill was installed from a trusted source and runs in an expected environment. If you need higher assurance, review the full vt_lookup.py source yourself (it is included) or run it in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk977b91k0004wcq9kjhtm1gvd982108g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvVT_API_KEY

Comments