Back to skill
Skillv1.0.0
VirusTotal security
Popover · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMar 21, 2026, 11:21 AM
- Hash
- 16df7c801d96e0864c263af40834659724d197142b0b96c451dfd68fb7dc190f
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: popover Version: 1.0.0 The 'popover' skill is a generic bash-based utility for managing a local data store in `~/.popover/data.jsonl`. While its description claims to 'generate popover UI elements', the implementation in `scripts/script.sh` is actually a simple CRUD (Create, Read, Update, Delete) tool for strings. The code follows standard practices (e.g., `set -euo pipefail`, input validation for line numbers) and contains no evidence of malicious behavior, data exfiltration, or unauthorized execution. The discrepancy between the stated purpose and the implementation appears to be a result of using a generic template rather than intentional deception.
- External report
- View on VirusTotal