Back to skill
Skillv1.0.0
VirusTotal security
BaseCred · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:19 AM
- Hash
- 7e3f92c89dd0285f2ca12ac08684d8173545e3a2eced2f589a10330fc1b03cd3
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: basecred Version: 1.0.0 The skill bundle is benign. The `SKILL.md` instructions are clear and focused on the stated purpose, showing no signs of prompt injection. The `scripts/query.mjs` script correctly uses environment variables (`TALENT_PROTOCOL_API_KEY`, `NEYNAR_API_KEY`) for API access, loading them from `.env` files or the environment. Network calls are made to legitimate API endpoints (`https://api.ethos.network`, `https://api.talentprotocol.com`, and implicitly Neynar) directly related to fetching on-chain reputation profiles. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
- External report
- View on VirusTotal